Simple GeoIP Information for Web Traffic

This simple query will show if IIS traffic came to a given site from three geographical possibilities: “United States” “International” or “Unknown” sources. This relies entirely on geoip lookup. You can change the country of “United States” to anything you desire for you own data set (just make the change in the eval section below!). […]

Continue Reading →

Top 5 Visiting Countries in IIS

The following Splunk query will list the top 5 visiting countries using the built in “iplocation” feature in Splunk:

Continue Reading →