Looked at http://community.kaseya.com/xsp/f/26/t/22644.aspx, this does not work.
I am trying to create a view of non-RFC1918 IP Addresses, to identify hosts that have Public, Live IPs on their network interface directly, likely bypassing a firewall.
To get there, I'm working with the 'IP Address' object in the Advanced Agent Data Filter. I currently have the definition as: NOT 172.16.* AND NOT 172.17.* AND NOT 172.18.* AND NOT 172.19.* AND NOT 172.2* AND NOT 172.30.* AND NOT 172.31.* AND NOT 192.168.* AND NOT 10.*
While this filter is working and giving me what I need, it's messy. The 192.168.* and 10.* parts are clean and simple; the Class B Subnet space is messy. Also, at 144 characters, I'm almost 60% of the way to the 250 character limit. In the initial string, I had all of the 172.20s (172.20.*, 172.21.*, 172.22.*, etc.) listed, but that put me over 250 characters. That would have been a little better, documenting what we're filtering in a clearer manner for people who might not necessarily fully understand what they're looking at.
Wondering if anyone has any thoughts. Something like 172.[16-31].* would be a nice-to-have. Or, maybe the subnet approach could work as described in the above article and I'm just entering it incorrectly.
We are using a simple range of
>= 172.16.0.0 AND <= 172.31.255.255
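
An added check, not part of either post and not Kaseya code: it compares the wildcard filter from the question with a strict RFC 1918 test, then evaluates the 172.16.0.0 to 172.31.255.255 range numerically and as plain text. It assumes `*` matches any run of characters (modelled with Python's `fnmatch`); how the product evaluates `>=` and `<=` on the IP Address field is not stated on the page, so both readings are shown, and the sample addresses are constructed.

```python
import ipaddress
from fnmatch import fnmatchcase

# NOT terms copied from the filter in the question.
WILDCARD_EXCLUDES = ["172.16.*", "172.17.*", "172.18.*", "172.19.*", "172.2*",
                     "172.30.*", "172.31.*", "192.168.*", "10.*"]
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOW, HIGH = "172.16.0.0", "172.31.255.255"

def wildcard_view_shows(ip):
    """True if the host appears in a view built from the wildcard filter
    (assumption: '*' behaves like a shell-style glob)."""
    return not any(fnmatchcase(ip, pat) for pat in WILDCARD_EXCLUDES)

def is_public_by_rfc1918(ip):
    """True if the address is outside all three RFC 1918 blocks."""
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in RFC1918)

def in_numeric_range(ip):
    """Range test with addresses compared as 32-bit numbers."""
    a = ipaddress.ip_address
    return a(LOW) <= a(ip) <= a(HIGH)

def in_string_range(ip):
    """Same bounds compared character by character, which is what a
    text-typed field would do (hypothetical behaviour, shown for contrast)."""
    return LOW <= ip <= HIGH

def missed_hosts(ips):
    """Non-RFC 1918 addresses that the wildcard filter hides from the view."""
    return [ip for ip in ips
            if is_public_by_rfc1918(ip) and not wildcard_view_shows(ip)]

# Constructed sample: private addresses plus edge cases around 172.16.0.0/12.
SAMPLE = ["10.1.2.3", "172.16.0.9", "172.20.4.4", "172.31.255.254",
          "192.168.1.10", "172.2.5.5", "172.200.1.1", "172.32.0.1", "8.8.8.8"]

if __name__ == "__main__":
    print("hidden by wildcard filter:", missed_hosts(SAMPLE))
    for ip in SAMPLE:
        print(f"{ip:16} numeric={in_numeric_range(ip)!s:5} "
              f"string={in_string_range(ip)}")
```

Addresses such as 172.2.5.5 and 172.200.1.1 are the ones to test a saved view against: the `172.2*` term hides them, and a text comparison of the range bounds would treat them as inside 172.16.0.0 to 172.31.255.255.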