Forum Discussion
Finding messages from an IP range
Hi
Is it possible to use message-trace to find messages from a range of IP addresses without knowing either the sender or the precise IP address?
Running this query:
Get-MessageTrace -StartDate 2021-02-14 -EndDate 2021-02-24 | Select FromIP,SenderAddress,received,Status,MessageID,Subject | Where-Object {$_.FromIP -Like "184.*"} | ft
Returns 14 results, the same query with "SenderAddress" omitted from Select only returns 13! And neither query returns any results more than ~1 day old (I have verified that there should be other results).
Any ideas out there?
Thanks
Peter
You're effectively using client-side filtering, meaning that if you want proper results, you have to fetch all the messages for specific dates first. And for that, you'll need something more robust than a one-liner. There are ready to use scripts available online, look them up.
VasilMichev Hi. I have Googled my heart out looking for an answer to this question but have found nothing that relates to IP Ranges, only single IP addresses.
If you could be so kind as to point me in the direction of where where to look up these scripts I'll take it from there.
Regards
Peter
Sorry, I was referring to the "get all messages" type of script. You will have to do the filtering on IP/ranges on the client side, after you've gathered all messages.
