Hello all,
can some one suggest me the best method to compare the source_ip in events to the lookup table which have the list of all the permitted IP ranges. Then to show the events for which the source_ip is not matched lookup table
senario:
index=abc source_ip=x.x.x.x
lookup ip_ranges (have only one column with details of ip ranges x.x.x.x/x)