Cortex XDR XQL incidr6() function accepts an IPv6 address, and an IPv6 range in CIDR format, and returns true if the address is in range.
incidr6()function accepts an IPv6 address, and an IPv6 range using CIDR notation, and returns
trueif the address is in range.
The first parameter must contain an IPv6 address contained in an IPv6 field. For production purposes, this IPv6 address will normally be carried in a field that you retrieve from a dataset. For manual usage, assign the IPv6 address to a field, and then use that field with this function.
alter my_ip = "3031:3233:3435:3637:3839:4041:4243:4445" | alter inrange = incidr6(my_ip, "3031:3233:3435:3637:0000:0000:0000:0000/64") | fields inrange | limit 1
Recommended For You
Recommended videos not found.