icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

We are working on something new...

A Fresh New Splunkbase
We are designing a New Splunkbase to improve search and discoverability of apps. Check out our new and improved features like Categories and Collections. New Splunkbase is currently in preview mode, as it is under active development. We welcome you to navigate New Splunkbase and give us feedback.
Cancel Visit New Splunkbase Visit
My Account
Login Signup
Support & Services
Search Splunk Documentation Splunk Answers Education & Training User Groups Splunk App Developers Support Portal Contact Us
My Account
Login Signup
Support & Services
Search Splunk Documentation Splunk Answers Education & Training User Groups Splunk App Developers Support Portal Contact Us

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

End User License Agreement for Third-Party Content

Splunk Websites Terms and Conditions of Use

Thank You

Downloading DocoDoco for Splunk
SHA256 checksum (docodoco-for-splunk_201.tgz) 7668629a9844f67e00518aaa3eb0be255ef710373425ac39e653213f86845b29 SHA256 checksum (docodoco-for-splunk_102.tgz) 6fdf28476e3a75ba866b21bbe698fa1dae71c6a3c81e3edb431a840fa7d68b81 SHA256 checksum (docodoco-for-splunk_101.tgz) e90775a7cb08ce4a7c62df13c21900c96db0dd27cb198c48da2a4c9208a943e5 SHA256 checksum (docodoco-for-splunk_100.tgz) 69c5dbf954deb80d22856bd317795fbf5d55a548e0d002281dbcadd6b8f64f28
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate
splunk

DocoDoco for Splunk
This app is NOT supported by Splunk. Please read about what that means for you here.
Overview
Details
This add-on enables to add about 55 kinds of information for area, organization and environment to IP addresses, such as country, municipality, organizational name, business type and line, by tying up with “DocoDoco” which is a service offered by Geolocation Technology, Inc.

このアドオンは、株式会社Geolocation Technologyのサービス「どこどこJP」と連携し
IPアドレスに対して国や都道府県市区町村、企業名や業種、回線といった
計55種類の地域情報や組織情報、環境を付加することが出来るアドオンです。

Adding the information of area, organization and environment to IP addresses strengthens the visualization of machine data operated by Splunk in the aspect of web analytics; those are security analysis in the event of incidents as divulging of information, illegal login, targeted attack, and analysis of converted user.

IPアドレスに地域や組織、環境情報を付加できる事によって
情報漏えい、不正ログイン、標的型攻撃などのインシデント発生時のセキュリティ分析
コンバージョンしたユーザの分析等の Webアナリティクスの面において
splunkで行えるログの可視化を一層強化します。

You need to sign up with DocoDoco (fee-based) for using this application.

※このアプリケーションを使用する為には別途「どこどこJP」(有料)と契約する必要があります。

■どこどこJPについて
どこどこJPの詳細については下記のサイトをご参照下さい。
https://www.docodoco.jp/

■About DocoDoco
Please refer to the following site for details of DocoDoco.
https://www.docodoco.jp/

■導入方法
1.ダウンロード
 splunkbaseより「docodoco for splunk」をダウンロードします
2.インストール
 「docodoco for splunk」をsplunkにインストールします
3.どこどこJPに登録、APIキー取得
 どこどこJPに登録しAPIキーを取得します。(有料)
 登録、キーの取得については、下記のページをご参照下さい。
https://admin.docodoco.jp/signup/
4.どこどこJPAPIキーの設定
 「$SPLUNK_HOME$\etc\apps\docodoco/bin/config.ini」 の
 「key1」「key2」にどこどこJPのAPIキーを設定します。
  ※「count」はどこどこJPへの並列リクエスト数です。環境に合わせ変更して下さい。

*使用例
| lookup docodoco ipaddr as clientip
| lookup docodoco ipaddr as clientip output PrefJName OrgName DomainName

取得可能なデータは、どこどこJPのリターンパラメータに準拠します。
下記ページのリターンパラメータをご参照下さい。
https://www.docodoco.jp/api/rest/

サードパーティデータの場合は、「パラメータ@親ノード名」になります。
―法人番号
https://www.docodoco.jp/data/marketplace/corporate-number/
| lookup docodoco ipaddr as clientip output HoujinBangou@HoujinBangou_3 HoujinName@HoujinBangou_3

―匿名ネットワーク
https://www.docodoco.jp/data/marketplace/anonymous-network/
|lookup docodoco ipaddr as clientip output Name@AnonymousNetwork_5 Score@AnonymousNetwork_5 Info@AnonymousNetwork_5

―天気
https://www.docodoco.jp/data/marketplace/weather-data/
天気予報 気温予報 降水確率 風向き予報は、「WeatherA」
気象現況 紫外線予報は、「WeatherP」として下さい。
| lookup docodoco ipaddr as clientip output TodayWeather@WeatherA Weather@WeatherP

■Method of installation
1. Download
Download “docodoco for splunk” from splunkbase.
2. Install
Install “docodoco for splunk to splunk.
3. Registration to DocoDoco and obtain API key
Please refer to the following page for the registration and API key.
4. Set up API key to DocoDoco
Set up API key of DocoDoco to “key 1” and “key 2” of 「$SPLUNK_HOME$\etc\apps\docodoco/bin/config.ini」
※ “count” is the number of parallel requests to DocoDoco. Please change it according to your environment.

Example
| lookup docodoco ipaddr as clientip
| lookup docodoco ipaddr as clientip output PrefJName OrgName DomainName

Available data complies with the return parameter of DocoDoco.
Please refer to the following page for the return parameter.
https://www.docodoco.jp/api/rest/

In the case of Third party data, it will be "Parameter@Parent node name".
-corporate number
https://www.docodoco.jp/data/marketplace/corporate-number/
|lookup docodoco ipaddr as clientip output HoujinBangou@HoujinBangou_3 HoujinName@HoujinBangou_3

-Anonymized Network Data
https://www.docodoco.jp/data/marketplace/anonymous-network/
|lookup docodoco ipaddr as clientip output Name@AnonymousNetwork_5 Score@AnonymousNetwork_5 Info@AnonymousNetwork_5

-wether
https://www.docodoco.jp/data/marketplace/weather-data/
In the case of Weather forecast ,Temperature forecast,Chance of rain or Wind direction forecast ,"WeatherA"
In the case of Current weather situation or Ultraviolet forecast ,"WeatherP"
|lookup docodoco ipaddr as clientip output TodayWeather@WeatherA Weather@WeatherP

■制限等
・別途どこどこJPへの契約を行いAPIキーを取得する必要があります。
・どこどこJPへリクエストを行う為、インターネットへのアクセスが必須です。
・レスポンの応答速度は、インターネット環境等によって変化しますが
 CPU6コア10並列ので1000IP/分程度となります。

■Restrictions
・It is required to sign up with DocoDoco and get an API key.
・Internet access is essential for requesting DocoDoco.
・Response speed is 1000IP per minute for 10 parallel requests with CPU 6 core.
  *It varies according to internet environments

Release Notes

Version 2.0.1
April 5, 2022

Support for Python2 and Python3.
Version 1.0.2
June 21, 2016

:Bug Fix
Error occurs when the "weather option" is disabled
Version 1.0.1
April 15, 2016

Corresponding to the Third party data.
Version 1.0.0
March 1, 2016
772
Downloads
Share Subscribe LOGIN TO DOWNLOAD
Version
Built by
Geolocation Technology, Inc
Support
Not Supported
Questions on Splunk Answers Flag as inappropriate
Compatibility
Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise Products: Splunk Enterprise
Splunk Versions: 9.2, 9.1, 9.0, 8.2 Platform: Platform Independent Platform: Platform Independent Platform: Platform Independent Platform: Platform Independent
Licensing
End User License Agreement for Third-Party Content
Category & Contents
Categories: Utilities
App Type: Add-on
Subscribe Share

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.

Submit New Splunk App Dev Resources
PLATFORM
Data-to-Everything Platform
Splunk Cloud
Splunk Enterprise
Splunk Machine Learning Toolkit
Splunk Data Stream Processor
Pricing
Free Trials & Downloads
SECURITY PRODUCTS
Splunk Enterprise Security
Splunk Phantom
Splunk Mission Control
Splunk User Behavior Analytics
IT OPERATIONS & OBSERVABILITY PRODUCTS
Splunk Infrastructure Monitoring
Splunk IT Service Intelligence
Splunk Application Performance Monitoring
Splunk On-Call
SOLUTIONS BY INITIATIVE
Cloud Transformation
SOLUTIONS BY FUNCTION
Security
IT
Devops
SOLUTIONS BY INDUSTRY
Aerospace & Defense
Communications
Energy & Utilities
Financial Services
Healthcare
Higher Education
Manufacturing
Nonprofits
Online Services
Public Sector
Retail
WHY SPLUNK?
Why Splunk?
Customer Stories
Partners
Data-to-Everything
Diversity & Inclusion
SUPPORT
Support Portal
Support Programs
Splunk Answers
Contact Us
Product Security Updates
RESOURCES
Events
Webinars
Blogs
Customer Success
Expert Services
Data Insider
View All Resources
FOR DEVELOPERS
Documentation
Best Practices
Get Started with Splunk
Training & Certification
User Groups
Community
Splunkbase
Splunk dev
COMPANY
About Splunk
Careers
Leadership
Splunk for Good
Splunk Ventures
Splunk Protects
Newsroom
COVID-19 Response
SPLUNK SITES
.conf
Splunk Live!
T-Shirt Store
Investor Relations
Follow Us:
© 2005-2024 Splunk Inc. All rights reserved.
Sitemap | Privacy | Website Terms of Use | Splunk Licensing Terms | Export Control | Modern Slavery Statement | Splunk Patents | Report a Problem
Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.