Open hire-vladimir opened 8 years ago
for example, by providing IP and bit mask, derive the cidr block. example courtesy of Jackson Sie
| localop | stats count | eval ip="231.5.2.97" | eval bitness=30 | rex field=ip "(?<octet1>\d+)\.(?<octet2>\d+)\.(?<octet3>\d+)\.(?<octet4>\d+)" | eval ipnum = (octet1 * 16777216 + octet2 * 65536 + octet3 * 256 + octet4) | eval ipnum_bitted = floor(ipnum / pow(2,32-bitness)) * pow(2,32-bitness) | eval net1=floor(ipnum_bitted/16777216),net2=floor((ipnum_bitted-net1*16777216)/65536),net3=floor((ipnum_bitted-net1*16777216-net2*65536)/256),net4=ipnum_bitted%256 | eval ip_bitted=net1.".".net2.".".net3.".".net4."/".bitness | table ip,bitness,ip_bitted | fieldformat bitness="/".bitness
for example, by providing IP and bit mask, derive the cidr block. example courtesy of Jackson Sie