Hey I'm currently running this SWQL (SWIS) Query
SELECT SourceIP, Sum(EgressBytes) as TotalEgressBytes FROM Orion.Netflow.FlowsByIP WHERE TimeStamp>GetDate()-2 AND TimeStamp<GetDate()-1 and SourceIP >= '10.0.0.1' and SourceIP < '10.0.0.254' Group By SourceIP
I'm using this query to check if a SourceIP is in use. (I probably don't need to sum the EgressBytes but just doing it for now)
My main goal is to feed the range of IP addresses and for each address return True or False for each IP if the SourceIP column exists.
I had a play around with "Case \ If exists" but have been having issues. Also this query is very slow if I increase the date range. I'd love some assistance
Thanks!