This page explains how to use the ipv4_is_in_range function in APL.
ipv4_is_in_range
function in Axiom Processing Language (APL) determines whether an IPv4 address falls within a specified range of addresses. This function is particularly useful for filtering or grouping logs based on geographic regions, network blocks, or security zones.
You can use this function to:
Splunk SPL users
ipv4_is_in_range
function in APL operates similarly to the cidrmatch
function in Splunk SPL. Both determine whether an IP address belongs to a specified range, but APL uses a different syntax and format.ANSI SQL users
ipv4_is_in_range
provides a concise way to perform this operation.Parameter | Type | Description |
---|---|---|
ip | string | The IPv4 address to evaluate. |
range | string | The IPv4 range in CIDR notation (e.g., 192.168.1.0/24 ). |
true
if the IPv4 address is in the range.false
otherwise.null
if the conversion of a string wasn’t successful.ipv4_is_in_range
to identify traffic from specific geographic regions or service provider IP blocks.
Query
geo.city | in_range |
---|---|
Seattle | true |
Denver | true |