geoip – HackerTarget.com https://hackertarget.com Security Vulnerability Scanners and Assessments Tue, 19 Nov 2019 03:28:03 +0000 en-US hourly 1 https://wordpress.org/?v=5.5.12 Update GeoIP data for Splunk App https://hackertarget.com/update-geoip-data-for-splunk-app/ Wed, 06 Feb 2013 07:04:50 +0000 http://hackertarget.com/?p=4097 If you are using the GeoIP app for Splunk you will find that it has not been updated recently. The last update was June 2011. Following my recent post regarding the installation of Splunk on an Ubuntu based system I started to dig into this app and found that it is a simple matter to […]

The post Update GeoIP data for Splunk App appeared first on HackerTarget.com.

]]> If you are using the GeoIP app for Splunk you will find that it has not been updated recently. The last update was June 2011. Following my recent post regarding the installation of Splunk on an Ubuntu based system I started to dig into this app and found that it is a simple matter to update the MaxMind GeoIP Lite database to the latest version.

Head over to the MaxMind website and grab the latest version of the GeoLiteCity.dat.gz file.

Download: http://dev.maxmind.com/geoip/geolite

Now uncompress the download with gzip.

gzip -d GeoLiteCity.dat.gz

If you take a look in /opt/splunk/etc/apps/maps/bin/ of your Splunk install you will see the version of the GeoLiteCity.dat file is August 20, 2011. Time to update it to the latest version.

cp GeoLiteCity.dat /opt/splunk/etc/apps/maps/bin/

Start searching Splunk with the latest GeoIP data from MaxMind. It really is that easy. 🙂

The post Update GeoIP data for Splunk App appeared first on HackerTarget.com.

]]>