Jun 23 2023
I'm using the query described here to get alerts on suspicious logins from different countries, but I get lots of false positives from people connecting to our VPNs.
Is there a way to filter using IP ranges instead of specific IPs? I've tried using this
let excludeKnownVPN = dynamic(['127.0.0.1', '0.0.0.0', '184.108.40.206/16']);
but I don't get the expected outcome (I still get alerts from those IPs).
If someones knows how to filter IP ranges out, I'll greatly appreciate it.
Jun 26 2023