Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cidr_match on keys of a lookup table #18100

Open
theherodied opened this issue Jan 30, 2024 · 0 comments
Open

cidr_match on keys of a lookup table #18100

theherodied opened this issue Jan 30, 2024 · 0 comments
Labels
feature triaged

Comments

@theherodied
Copy link

It would be useful to be able to perform a cidr_match on the keys of a lookup table. @brucegivens opened a request on the now archived graylog-plugin-pipeline-processor repository here:

Graylog2/graylog-plugin-pipeline-processor#246

The goal would be to look up a specific ip and have it do a cidr_match on a lookup table.

For example:

CSV lookup table containing Amazon AWS IP ranges:
"100.20.0.0/14","amazon-ip-range"
"100.24.0.0/13","amazon-ip-range"
"103.246.148.0/22","amazon-ip-range"
"103.4.8.0/21","amazon-ip-range"

Then have the pipeline rule peform a cidr_match for an ip such as 100.20.0.1 against the lookup_table and return the value amazon-ip-range.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@theherodied @sethgraylog