The threatip operator correlates data in the Sumo Logic threat intelligence sources based on IP addresses from your log data. This provides security analytics that helps you to detect threats in your environment, while also protecting against sophisticated and persistent cyber-attacks.