I'm looking for the best Splunk IP geolocation and IRR lookup utility (doesn't have to be necessarily free and doesn't have to be one tool).
Ideally it should provide the following info: country code, country name, city, latitude, longitude, ASN number, ASN org name, BGP network prefix, prefix name from the route registry
What I have found so far:
Splunk builtin Iplocation https://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Iplocation
Main issues: No route registry information, no BGP data
geoip from from Google Maps https://splunkbase.splunk.com/app/368/
Main issues: obsolete, no route registry information
Geo ASN https://splunkbase.splunk.com/app/576/
Main issues: obsolete, no country code
I guess most of that job should do simple script using free MaxMind database. I'm somehow surprised I can't find anything like that but I could have overlooked something obvious.
Any other suggestions with regards to up to date tools?
... View more