-
Notifications
You must be signed in to change notification settings - Fork 2
Home
IP Format Conversion Scripted Lookup for Splunk
Splunk's built-in eval command can be used to perform IP address format conversion, however it's a complex and messy process that doesn't lend itself well to the mapping of IP address fields to the Common Information Model (CIM). This app provides an 'ipconvert' scripted lookup for converting IP addresses to and from an integer. With this app installed on the search head you can create a props.conf stanza to automatically convert an integer format IP address to a CIM-normalised string IP address field.
- Release notes
- Support and resources
- Requirements
- Installation
- Configuration
Version 0.2.x of TA-ipconvert is compatible with:
| Splunk Enterprise versions | 8.0+ |
|---|---|
| Platforms | Platform independent |
| Vendor Products | Linux |
| Lookup file changes | None |
Version 0.2.0 of TA-ipconvert fixes the following issues:
- Python 3 compatibility for Splunk 8.0+
Version 0.1.0 of TA-ipconvert fixes the following issues:
- None
- None
Please post questions at https://answers.splunk.com, however this app is provided as is with no warranty, implied or otherwise; please see the LICENSE document for more information. Feedback about possible improvements and good news stories of how this app has helped your organisation are most welcome.
- None
To function properly, TA-ipconvert requires the following software:
- Splunk Enterprise 8.0+
Simply install this app on your search head.
No configuration is required.