I am looking to use the MaxMind ISP database to get the Organization name for each IP address in various logs. The ISP database is nearly identical to the ASN database, but it seems to use different variable names for calling the request, so I can’t seem to get this to work (looking at the MaxMind Java documentation, the only difference is where the “reader” is defined.
AsnResponse response = reader.asn(ipAddress);
vs.
IspResponse response = reader.isp(ipAddress);
Curious if anyone has been able to get this database to work.
I have the GeoIP configurations working if I use the ASN, City, or Country databases, but it doesn’t seem to work when using the ISP database. Specifically, I am looking for the “ISP Name” and “Organization Name” from that database which isn’t available in the ASN, City, or Country databases.
IT looks like the Graylog adapter doesn’t have an ISP database type… github is the way to go… unless you are savvy enough to create one since it is opensource… or savvy in a different way convincing someone else to create it. There is the alternative of converting it to a text file and creating a table out of that… it would likely be inefficient though.
