Firewall log: exact IP match
-
Good evening community.
Since I've tried several ways with no positive result, I'm here to ask for a question.On the "Advanced log filter" section:
I'd like to retrieve matches for a specific IP, for example 192.168.174.1.
By putting 192.168.174.1 as Source IP Address:
this is an example of the results:
which means of course that the last octect, "1", is threated as "contains" instead of "equals" value.
I'd like to understand how to obtain the results only related to 192.168.174.1, already tried:
192.168.174.1 (KO, same behaviour)
/\b192.168.174.1\b/ (KO, no logs to display)
^192.168.174.1$ (KO, no logs to display)Any ideas?
Thank you for your support,
regards.
Giuseppe -
This post is deleted! -
They are regex fields, so
192\.168\.174\.1$should exactly match the.1address and only the.1address. It works for me here, with or without the starting anchor (^). In this case you shouldn't need the start anchor but for an address with 1-2 numbers in the first octet, it could be necessary.If that doesn't find anything then there may not be any matching logs for that one address at the time you searched.
