IP functions
ipv4_is_in_any_range
This page explains how to use the ipv4_is_in_any_range function in APL.
The ipv4_is_in_any_range
function checks whether a given IPv4 address belongs to any range of IPv4 subnets. You can use it to evaluate whether an IP address falls within a set of CIDR blocks or IP ranges, which is useful for filtering, monitoring, or analyzing network traffic in your datasets.
This function is particularly helpful for security monitoring, analyzing log data for specific geolocated traffic, or validating access based on allowed IP ranges.
For users of other query languages
If you come from other query languages, this section explains how to adjust your existing queries to achieve the same results in APL.
Usage
Syntax
Parameters
Parameter | Type | Description |
---|---|---|
ip_address | string | The IPv4 address to evaluate. |
ranges | dynamic | A list of IPv4 ranges or CIDR blocks to check against (in JSON array form). |
Returns
true
if the IP address is in any specified range.false
otherwise.null
if the conversion of a string wasn’t successful.
Use case example
Identify log entries from specific subnets, such as local office IP ranges.
Query
Output
_time | id | method | uri | status | is_in_range |
---|---|---|---|---|---|
2024-11-14 10:00:00 | user123 | GET | /home | 200 | true |
List of related functions
- ipv4_compare: Compares two IPv4 addresses lexicographically. Use for sorting or range evaluations.
- ipv4_is_in_range: Checks if an IP address is within a specified range.
- ipv4_is_private: Checks if an IPv4 address is within private IP ranges.
- parse_ipv4: Converts a dotted-decimal IP address into a numeric representation.