package/default/macros.conf

# SPDX-FileCopyrightText: 2020 Splunk Inc (Ryan Faircloth) <rfaircloth@splunk.com>
#
# SPDX-License-Identifier: Apache-2.0

[seckit_iplocation(2)]
args = ip,prefix
definition = lookup SecKitIPLocation   ip as $ip$\
OUTPUT city as $prefix$_city,\
country as $prefix$_country,\
lat as $prefix$_lat,\
long as $prefix$_long,\
connection_type as $prefix$_connection_type ,\
isp as $prefix$_isp,\
isp_ip as $prefix$_isp_ip,\
isp_asn as $prefix$_isp_asn,\
isp_asn_organization as $prefix$_isp_asn_organization, \
is_residential_proxy as $prefix$_is_residential_proxy, \
is_public_proxy as $prefix$_is_public_proxy, \
is_tor_exit_node as $prefix$_is_tor_exit_node, \
is_anonymous_vpn  as $prefix$_is_anonymous_vpn, \
is_hosting_provider as $prefix$_is_hosting_provider, \
is_anonymous as $prefix$_is_anonymous

iseval = 0

[seckit_iplocation(1)]
args = ip
definition = `seckit_iplocation($ip$,$ip$)`
iseval = 0