Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
RFC_1918 app icon

RFC_1918

This app adds 2 tags: "dest_ip_is_RFC1918", and "src_ip_is_RFC1918", which are CIM compatible and you can do things like this: | tstats sum(All_Traffic.bytes_out) AS per_source_bytes_out FROM datamodel=Network_Traffic WHERE All_Traffic.dest_port="53" AND NOT (All_Traffic.tag="src_ip_is_RFC1918" AND All_Traffic.tag="dest_ip_is_RFC1918") BY All_Traffic.src_ip _time span=1h

Built by Gregg Woodcock
splunk product badge
Latest Version 24.04.09
April 9, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 5.x, 4.x, 3.x
Rating

0

(0)

Log in to rate this app
This app adds 2 tags: "dest_ip_is_RFC1918", and "src_ip_is_RFC1918", which are CIM compatible and you can do things like this: | tstats sum(All_Traffic.bytes_out) AS per_source_bytes_out FROM datamodel=Network_Traffic WHERE All_Traffic.dest_port="53" AND NOT (All_Traffic.tag="src_ip_is_RFC1918" AND All_Traffic.tag="dest_ip_is_RFC1918") BY All_Traffic.src_ip _time span=1h

Categories

Created By

Gregg Woodcock

Type

addon

Downloads

90

Licensing

Splunk Answers

Resources

Login to report this app listing