Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

Home > Success Center > Kiwi Syslog Server > Kiwi Syslog Server Administrator Guide > Add rules, filters, and actions > Add a filter > Filter messages based on IP address

Filter messages based on IP address

Table of contents
No headers

This feature is available only in the licensed version.

Use an IP address filter to include or exclude messages based on the IP address of the sending device. Only messages from included IP addresses trigger the actions in the associated rule.

If a rule does not contain an IP address filter, all IP addresses are included.

  1. From the Kiwi Syslog Service Manager, choose File > Setup.
  2. Add a new rule, or locate an existing rule.
  3. Right-click the Filters node below the rule, and choose Add Filter.
  4. Replace the default name with a descriptive name. (The name does not have to be unique.)
  5. In the Field menu, select IP address.

  6. Select an option from the Filter Type menu, and specify one or more IP addresses.

    Simple

    Enter one or more IP addresses to include. Enclose each IP address in quotes.

    There is an OR relationship between the IP addresses. Messages from any of the IP addresses are included.

    In the following example, a message is included if the IP address of the sending device is 192.0.2.14 or 192.0.2.15.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_Admin_Guide/KSS_Admin_Guide_updates/0010-Add_rules_filters_and_actions/0030-Add_a_filter/0020-Filter_messages_based_on_IP_address/filter_ip_simple.png

    Complex

    Enter the IP addresses to include or to exclude. Enclose each IP address in quotes.

    There is an OR relationship between IP addresses on the same line. Messages are included or excluded if they are sent from any of the IP addresses on the line.

    For IP addresses, Complex filters are primarily used to exclude specific addresses. Do not use both the Include and Exclude sections. (If you include specific IP addresses, all others are automatically excluded.) Also, do not use the And lines.

    In the following example, a message is excluded if the IP address of the sending device is 192.0.2.14 or 192.0.2.15.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_Admin_Guide/KSS_Admin_Guide_updates/0010-Add_rules_filters_and_actions/0030-Add_a_filter/0020-Filter_messages_based_on_IP_address/filter_ip_complex.png

    RegExp

    Enter one or more regular expressions to specify the IP addresses to include or exclude.

    IPv4 Range

    Enter the range of IP addresses to include, exclude, or both.

    In the following example, a message is included if the sending device's IP address is between 192.0.2.0 and 192.0.2.24, but is not between 192.0.2.10 and 192.0.2.12.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_Admin_Guide/KSS_Admin_Guide_updates/0010-Add_rules_filters_and_actions/0030-Add_a_filter/0020-Filter_messages_based_on_IP_address/filter_ipv4_range.png

    IPv4 Mask

    Specify a range of IP addresses to include or exclude based on mask matching. The IP address is logically AND'ed with the specified Mask and then compared with the IP address of the sending device. If the two addresses are on the same subnet, then the filter result is TRUE.

    In the following example, the message is excluded If the sending device's IP address is within the range of 192.168.0.0 to 192.168.0.15.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_Admin_Guide/KSS_Admin_Guide_updates/0010-Add_rules_filters_and_actions/0030-Add_a_filter/0020-Filter_messages_based_on_IP_address/filter_ipv4_mask.png

    IPv6 Range

    Enter the range of IP addresses to include, exclude, or both. (For a range example, see IPv4 Range.)

  7. (Optional) Test the filter.
  8. Click Apply to save the filter.

    Only messages from included IP addresses trigger the actions in the associated rule.

Last modified
17:33, 17 Mar 2017

Tags

Classifications

Public