This supporting add-on (SA) for Splunk advanced IP information enrichment using the MaxMind family of databases.
| `seckit_iplocation(fieldname)` | `seckit_iplocation(fieldname,prefix)`
Where fieldname is the name of the field containing the IP
prefix is the prefix to assign to the output fields
| NOOP | stats count | EVAL src="220.127.116.11" | `seckit_iplocation(src)`
tag=network tag=communicate | `seckit_iplocation(src,"geo")`
- Update the geoipupdate utility
- Update geoip2 library
- Add new fields from the anonymous IP DB
- BREAKING CHANGE: Drop support for Splunk Enterprise <8.0 due to python3 requirements of Geoip2
Minor update missing JS files due to misconfigured gitignore
- Update maxmind geoip update utility
- Require account and token now that MaxMind is suspended anonymous downloads of mmdb
- Python2/3 support
- Update geolocation utility to version 4.0.3
- Ensure +x is set on geolocation utility
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.