Chapter 7. Enriching Data – Lookups and Workflows
In this chapter, we will learn how to augment and enrich the data within Splunk. You will learn about:
Looking up product code descriptions
Flagging suspicious IP addresses
Creating a session state table
Adding hostnames to IP addresses
Searching ARIN for a given IP address
Triggering a Google search for a given error
Creating a ticket for application errors
Looking up inventory from an external database