How-To: Exclude RFC1819 and Non-Routable IP Addresses

LogScale Documentation Full Library Knowledge Base Release Notes Integrations Training API GraphQL API Contacting Support

Page was created:22 Feb 2024

RFC1918 subnets and non-routable IPs may be addresses that you want to exclude in order to get a better idea of external traffic patterns. To do so, use the cidr() function:

| !cidr(LocalAddressIP4, subnet=["224.0.0.0/4", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/32"])
| !cidr(RemoteAddressIP4, subnet=["224.0.0.0/4", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/32"])

Knowledge Base

How-To: Exclude RFC1819 and Non-Routable IP Addresses

Enter search term