Mapping your Client IPs (Using Geo Lookup)

Follow
Avatar
Mario Sanchez
  • Edited

Use this query to display on a map the geo locations where your you are getting hits from (Source IPs). Search our documentation for additional fields available, like country_name, region, zip code, etc. https://help.sumologic.com/Search/Search_Query_Language/Search_Operators/Geo_Lookup

_sourceCategory=elb_aws_logs 
| lookup latitude, longitude from geo://default on ip=client_ip 
| count by latitude, longitude 
| sort _count
0

Comments

3 comments

Sort by Date Votes
  • Avatar
    Michael Pose

    This seems to be broken/unreliable.
    We are getting lat/long located in Kansas for our IP in Florida.

    0
    Comment actions Permalink
  • Avatar
    Brian Bozzello

    Hi Michael - sorry to hear you're getting some misplaced IPs. If the database cannot find a match for the IP address, it will resolve to a default location (in this particular case, Kansas). We are actively working on upgrading to a more accurate database - we will keep you posted when that is available! 

    0
    Comment actions Permalink
  • Avatar
    Michael Pose

    Thanks for the update Brian. In our case it's our FL call center which accounts for the majority of the traffic, that gets placed in Kansas, so the feature is kind of unusable for us at the moment. Looking forward to an update!

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post