incidr6

Cortex XDR XQL incidr6() function accepts an IPv6 address, and an IPv6 range in CIDR format, and returns true if the address is in range.

Synopsis

incidr6(
<IPv6_address>
,
<CIDR_range>
)

Description

The
incidr6()
function accepts an IPv6 address, and an IPv6 range using CIDR notation, and returns
true
if the address is in range.
The first parameter must contain an IPv6 address contained in an IPv6 field. For production purposes, this IPv6 address will normally be carried in a field that you retrieve from a dataset. For manual usage, assign the IPv6 address to a field, and then use that field with this function.

Examples

alter my_ip = "3031:3233:3435:3637:3839:4041:4243:4445" | alter inrange = incidr6(my_ip, "3031:3233:3435:3637:0000:0000:0000:0000/64") | fields inrange | limit 1

Recommended For You