Objective - Create a processor which can take the mined Azure JSON feed and filter on prefixes from specific regions only.
Issue - Region data is presented from the JSON file within dictionaries named "azure_name_list" & "azure_id_list"; however, I cannot find an example of the syntax to reference this. Could anyone help?
Log syntax from Azure JSON miner:
{
  "confidence": 100,
  "azure_system_service_list": [ "" ],
  "azure_platform_list": [ "azure" ],
  "azure_region": "",
  "share_level": "green",
  "azure_id": "AzureCloud",
  "sources": [ "AzureCloudIPsWithServiceTags" ],
  "azure_name": "AzureCloud",
  "azure_name_list": [ "azurecloud", "azurecloud.northeurope" ],
  "azure_id_list": [ "azurecloud", "azurecloud.northeurope" ],
  "azure_region_list": [ "", "northeurope" ],
  "azure_system_service": "",
  "first_seen": 1579249378925,
  "azure_platform": "Azure",
  "type": "IPv4",
  "last_seen": 1579249378925
}
------------------------------
Infilter script
infilters:
- actions:
  - accept
  conditions:
  - __method == 'withdraw'
  name: Accept Withdraws
- actions:
  - accept
  conditions:
  - share_level == 'green'
  - type == 'IPv4'
  - azure_name == 'AzureCloud'
  - azure_id_list == 'AzureCloud.northeurope'
  - azure_platform == 'Azure'
  name: North Europe
- actions:
  - drop
  name: drop all
whitelist_prefixes:
- wl
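An added example, not part of the original post and not MineMeld's own code: a small Python model of the infilter above, run against the logged indicator, showing why it reaches "drop all" and how a membership test on the list attribute behaves. It assumes rules are tried in order, all conditions in a rule must hold, and `==` is plain equality; `equals`, `list_contains` and `evaluate` are hypothetical helper names.

```python
# Constructed model of first-match infilter evaluation; NOT MineMeld's engine.
# Assumptions: rules are tried in order, conditions are ANDed, == is equality.
# Sample indicator copied (trimmed) from the miner log in the post.
INDICATOR = {
    "share_level": "green",
    "type": "IPv4",
    "azure_name": "AzureCloud",
    "azure_platform": "Azure",
    "azure_id_list": ["azurecloud", "azurecloud.northeurope"],
    "azure_region_list": ["", "northeurope"],
}

def equals(field, value):
    """Plain equality between an attribute and a literal (assumed semantics)."""
    return lambda ind: ind.get(field) == value

def list_contains(field, value):
    """Hypothetical membership test: true if a list attribute holds value."""
    def check(ind):
        attr = ind.get(field)
        return isinstance(attr, list) and value in attr
    return check

def evaluate(filters, indicator):
    """Return (rule name, action) of the first rule whose conditions all hold."""
    for name, conditions, action in filters:
        if all(cond(indicator) for cond in conditions):
            return name, action
    return None, "drop"

COMMON = [equals("share_level", "green"), equals("type", "IPv4"),
          equals("azure_name", "AzureCloud"), equals("azure_platform", "Azure")]
DROP_ALL = ("drop all", [], "drop")  # no conditions, so it always matches

# As posted: a list attribute compared with a mixed-case string.
AS_POSTED = [("North Europe",
              COMMON + [equals("azure_id_list", "AzureCloud.northeurope")],
              "accept"), DROP_ALL]

# Membership test using the lowercase value the miner actually emits.
BY_MEMBERSHIP = [("North Europe",
                  COMMON + [list_contains("azure_id_list", "azurecloud.northeurope")],
                  "accept"), DROP_ALL]

if __name__ == "__main__":
    print(evaluate(AS_POSTED, INDICATOR))      # ('drop all', 'drop')
    print(evaluate(BY_MEMBERSHIP, INDICATOR))  # ('North Europe', 'accept')
```

Note that the list entries in the log are lowercase, so a membership test against 'AzureCloud.northeurope' would also fail in this model.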