Adding enrichment sources

Add enrichment to the logs with the help of information provided by CSV files. For more information, see Adding-a-CSV-enrichment-source.

Important

The DNS, GeoIP, and LDAP enrichment sources are not available starting with the 22.2 release. The existing enrichment policies that contain any of these enrichment sources will not enrich logs by using these sources. The CSV enrichment source will continue to enrich the logs. 





 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*