Hi,
I am trying to figure out how to achieve something and would appreciate any help from your experience.
I have a view showing some search results. There are two extracted fields. One is source IP address and the second is destination IP address.
Now let's say I search for all events that have a certain destination IP address. I can easily get all extracted source IP addresses.
Now the tricky part:
I want to search for all events with the extracted source IP address and for those events extract all destination IP addresses.
Today I need to do this manually, copy each source IP into a new search, extract the destination IPs and then again copy them one by one into a new search.
Is there an easier way to do this? If not, is it possible to add this functionality by myself?
Thanks for the help!
... View more