I'm having a hard time getting my URL report built and sorted.
I want to accomplish the following
1. category must match ADULT or NUDITY
2. source user must not be a member of FILT_STAFF or M_FILT_STAFF active directory groups (basically students)
3. search all IPs in 10.0.0.0/8 EXCEPT the following subnets
Another way of prhasing it:
show me all students who went to PORN or NUDITY sites. Don't show me any IPs which don't have "domain\<student id>" listed as the source user. I don't want to see our BYOD wireless or Chromebook subnets because there is no authentication.
((category eq adult) or (category eq nudity)) and (user.src neq FILT_STAFF ) and (user.src neq M_FILT_STAFF ) and ( addr.src in 10.0.0.0/8 ) and !(( addr.src in 10.10.0.0/21 ) or ( addr.src in 10.10.8.0/22 ) or ( addr.src in 10.7.48.0/21 ) or ( addr.src in 10.7.56.0/21 ) or ( addr.src in 10.9.0.0/21 ) or ( addr.src in 10.9.8.0/21 ))
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!