Elastic
Start free trial Contact Sales
Loading

Add network direction

The add_network_direction processor attempts to compute the perimeter-based network direction given an a source and destination ip address and list of internal networks. The key internal_networks can contain either CIDR blocks or a list of special values enumerated in the network section of Conditions.

processors:
  - add_network_direction:
      source: source.ip
      destination: destination.ip
      target: network.direction
      internal_networks: [ private ]

See Conditions for a list of supported conditions.