Network Data

IPADDR

Matches IPv4 addresses in dot-decimal notation and IPv6 addresses in hextet notation.

output type:IPADDR
quantifier:none
configuration:none

Example:

192.168.33.1
1080:0:0:0:8:800:200C:417A

Pattern:

1
IPADDR:ip EOL;

Parsing results ip-addresses in lines 1-2 being parsed into IPADDR field ip:

ip _unmatched
192.168.33.1 NULL
1080:0:0:0:8:800:200C:417A NULL

IPV4, IPV4ADDR

Matches IPv4 addresses in dot-decimal notation

output type:IPADDR
quantifier:none
configuration:none

IPV4SOCKET

Matches IPv4 address and port separated by a colon “:” or dot “.” symbols.

output type:IPSOCKET
quantifier:none
configuration:none

Example:

192.168.1.31:22
192.168.33.1.443

Pattern:

1
IPV4SOCKET:socket EOL;

Parsing results in values in rows 1-2 being parsed into IPSOCKET field socket:

socket _unmatched
192.168.1.31:22 NULL
192.168.33.1.443 NULL

IPV4NET

Matches Ipv4 network in CIDR notation.

output type:IPNET
quantifier:none
configuration:none

Example:

192.168.3.40/24

Pattern:

1
IPV4NET:ipv4_net

Parsing results in extracting row 1 value into IPNET field ipv4_net:

ipv4_net _unmatched
192.168.3.40/24 NULL

IPV6, IPV6ADDR

Matches IPv6 addresses in hextet notation.

output type:IPADDR
quantifier:none
configuration:none

Example

fe80:0:0:0:8e1:734c:9cca:6bc3
::1
2a00:1450:4010:c05::69

Pattern:

IPV6:ip EOL;

Parsing results addresses in lines 1-3 being extracted into IPADDR field ip:

ip _unmatched
fe80::8e1:734c:9cca:6bc3 NULL
::1 NULL
2a00:1450:4010:c05::69 NULL

MACADDR

Matches MAC address in the form of 12 hexadecimal numbers optionally separated by a hyphen “-“, colon “:” or dot “.”

output type:MACADDR
quantifier:none
configuration:none

Example

00:01:02:03:04:05
00-01-02-03-04-05
00.01.02.03.04.05
000102030405

Pattern:

1
MACADDR:mac EOL;

Parsing results in Mac addresses in lines 1-4 being parsed into MACADDR field mac:

mac _unmatched
00-01-02-03-04-05 NULL
00-01-02-03-04-05 NULL
00-01-02-03-04-05 NULL
00-01-02-03-04-05 NULL