Latest Version 1.2.0
January 20, 2020
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
This app is archived. Learn more
MaxMind Database Tracker
So, you have Splunk running some Geo-location / iplocation queries, but the location results are sometimes wrong! Simple, your on-board Geo-Location DB (MaxMind) is out of date. It is only usually updated when Splunk is upgraded, but no more! Keep an eye on and set alerts for when the latest DB is released with this handy app. It checks every 12 hours for a new DB release on the MaxMind Website. If there is a new version released you can see the difference in MD5 value on the dashboard as well as an alert in 'Triggered Alarms'. (Set an email alert too!) Once you have the alert, download the new DB, overwrite the one in $splunk_home$/share, restart Splunk and Boom! You are bang up to date again!
Built by Mark Hill
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
Rating
0
(0)
Log in to rate this app
Support
Not Supported
So, you have Splunk running some Geo-location / iplocation queries, but the location results are sometimes wrong!
Simple, your on-board Geo-Location DB (MaxMind) is out of date.
It is only usually updated when Splunk is upgraded, but no more!
Keep an eye on and set alerts for when the latest DB is released with this handy app.
It checks every 12 hours for a new DB release on the MaxMind Website. If there is a new version released you can see the difference in MD5 value on the dashboard as well as an alert in 'Triggered Alarms'.
(Set an email alert too!)
Once you have the alert, download the new DB, overwrite the one in $splunk_home$/share, restart Splunk and Boom! You are bang up to date again!
Categories
Created By
Mark Hill
Type
addon
Downloads
1,733
Licensing
Splunk Answers
Resources
Log in to report this app listing