K2Bridge
K2Bridge copied to clipboard
Published
20 hours ago •
microsoft
microsoft
Add support for IPV4 range
Add support for IPV4 Range
Add a dedicated range aggregation for IP typed fields
"aggs": {
"ip_ranges": {
"ip_range": {
"field": "ip",
"ranges": [
{ "to": "10.0.0.5" },
{ "from": "10.0.0.5" }
]
}
}
}
Response:
{
...
"aggregations": {
"ip_ranges": {
"buckets": [
{
"key": "*-10.0.0.5",
"to": "10.0.0.5",
"doc_count": 10
},
{
"key": "10.0.0.5-*",
"from": "10.0.0.5",
"doc_count": 260
}
]
}
}
}
Reference : IP range aggregation
Useful Kusto functions:
- ipv4 in range
- ipv4 compare
- ipv4 match
- is ipv4
- ipv4 netmask suffix
- has any ipv4
- has ipv4
- has ipv4 prefix
