The threatip operator correlates data in the sumoglobalfeedcs threat intelligence source based on IP addresses from your log data. This provides security analytics that helps you to detect threats in your environment, while also protecting against sophisticated and persistent cyber-attacks.