This page explains how to use the ipv4_is_in_any_range function in APL.
ipv4_is_in_any_range
function checks whether a given IPv4 address belongs to any range of IPv4 subnets. You can use it to evaluate whether an IP address falls within a set of CIDR blocks or IP ranges, which is useful for filtering, monitoring, or analyzing network traffic in your datasets.
This function is particularly helpful for security monitoring, analyzing log data for specific geolocated traffic, or validating access based on allowed IP ranges.
Splunk SPL users
cidrmatch
to check if an IP belongs to a range. In APL, ipv4_is_in_any_range
is equivalent, but it supports evaluating against multiple ranges simultaneously.ANSI SQL users
ipv4_is_in_any_range
simplifies this by handling multiple CIDR blocks and ranges in a single function.Parameter | Type | Description |
---|---|---|
ip_address | string | The IPv4 address to evaluate. |
ranges | dynamic | A list of IPv4 ranges or CIDR blocks to check against (in JSON array form). |
true
if the IP address is in any specified range.false
otherwise.null
if the conversion of a string wasn’t successful._time | id | method | uri | status | is_in_range |
---|---|---|---|---|---|
2024-11-14 10:00:00 | user123 | GET | /home | 200 | true |