Chapter 7. Enriching Data – Lookups and Workflows
In this chapter, we will learn how to augment and enrich the data within Splunk. You will learn about:
- Looking up product code descriptions
- Flagging suspicious IP addresses
- Creating a session state table
- Adding hostnames to IP addresses
- Searching ARIN for a given IP address
- Triggering a Google search for a given error
- Creating a ticket for application errors
- Looking up inventory from an external database