Hi Everyone,
I have subnet of IP's. whenever we see any traffic from that IP's we need alert but in between we have only few serves which is authorized for next one week(or mentioned time in lookup). I have a lookup table for that having two fields
src====== date
a.b.c.d----- epoc time(11-12-2020)
Now I want a end result that
any IP from that subnet(UAT Subnet) and authorized servers access internet even after mentioned date in lookup table.
(Please note that that authorized servers are also from that UAT subnet)
create an alert.