Network & Location Query Functions

LogScale's network functions can be used to identify or filter networks, IP and network addresses.

Table: Network Query Functions

FunctionDefault ArgumentAvailabilityDescription
asn([as], [field])field  Determines autonomous system number and organization associated.
cidr([column], field, [file], [negate], [subnet])field  Filters events using CIDR subnets.
communityId([as], destinationip, [destinationport], [icmpcode], [icmptype], proto, [seed], sourceip, [sourceport])   Computes the Community ID, a standard for hashing network flows.
ipLocation([as], [field])field  Determines country, city, longitude, and latitude for given IP address.
rdns([as], field, [server])field  Events using RDNS lookup.
shannonEntropy([as], field)field  Calculates a entropy measure from a string of characters.
subnet([as], bits, field)field  Computes a subnet from a IPV4 field.
urlDecode([as], field)field  URL-decodes the contents of a string field.
urlEncode([as], field, [type])field  URL-encodes the contents of a string field.