I'm working with Enterprise Security and I'm trying to build/refine correlations against the Network Traffic Data Model.
I want to exclude destination addresses in RFC1918 space. When working with the Data Model, how do you express the equivalent of
NOT cidrmatch ("172.16.0.0/20", All_Traffic.dest)
Every combination I try gives me the error "Error in 'TsidxStats': WHERE clause is not an exact query"
↧