I am experiencing difficulty in creating a query for nDepth that will show me the following information.
I have traffic that I am trying to locate that could be sourced from a group of 4 IP addresses.
This traffic could have a destination of a group of 3 IP addresses.
The problem I am having is how to create this in the search builder. I seem to have created the condition correctly to isolate all traffic that is sourced from any of the 4 IP addresses, but I cannot figure out how to further filter those results to only the traffic destined for the group of 3 IP addresses.
If someone could help make this look a little less than mud I would appreciate it.
What is the correct procedure for ordering conditions in the search builder?
I currently have an individual Group for each TCPTrafficAudit.SourceMachine. Each is configured with an OR Boolean logic. The bubble that contains all of these groups also has an OR statement, which I believe should be an AND statement. I then should be able to add my TCPTrafficAudit.DestinationMachine groups below this each with an OR statement.
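The grouping asked about above, as an added example that is not part of the original post: a generic Python model of nested AND/OR condition groups, not nDepth's own query syntax, run over constructed events. The IP addresses (documentation ranges) and the helper names `cond`, `group`, `matches` and `search` are assumptions for illustration; only the two field names come from the post.

```python
# Generic model of nested condition groups; this is not nDepth query syntax.
SRC = "TCPTrafficAudit.SourceMachine"
DST = "TCPTrafficAudit.DestinationMachine"

# Constructed addresses from documentation ranges (placeholders).
SOURCES = ["192.0.2.10", "192.0.2.11", "192.0.2.12", "192.0.2.13"]
DESTINATIONS = ["198.51.100.20", "198.51.100.21", "198.51.100.22"]

def cond(field, value):
    """Leaf condition: field equals value."""
    return ("COND", field, value)

def group(op, *children):
    """A group ("bubble") joining its children with AND or OR."""
    return (op, list(children))

def matches(node, event):
    """Evaluate a condition tree against one event."""
    if node[0] == "COND":
        _, field, value = node
        return event.get(field) == value
    op, children = node
    results = (matches(child, event) for child in children)
    return all(results) if op == "AND" else any(results)

def search(tree, events):
    """Return the ids of the events the tree selects."""
    return [e["id"] for e in events if matches(tree, e)]

src_any = group("OR", *(cond(SRC, ip) for ip in SOURCES))
dst_any = group("OR", *(cond(DST, ip) for ip in DESTINATIONS))

# (any source) AND (any destination): the intersection being asked for.
WANTED = group("AND", src_any, dst_any)
# Everything joined with OR: also keeps traffic matching only one side.
ALL_OR = group("OR", src_any, dst_any)
# AND placed directly over the individual source conditions: one event has
# one source address, so it cannot equal all four and nothing matches.
AND_OVER_SOURCES = group("AND", *(cond(SRC, ip) for ip in SOURCES), dst_any)

# Constructed sample events.
EVENTS = [
    {"id": 1, SRC: "192.0.2.10", DST: "198.51.100.20"},   # both sides match
    {"id": 2, SRC: "192.0.2.11", DST: "203.0.113.5"},     # source only
    {"id": 3, SRC: "203.0.113.9", DST: "198.51.100.21"},  # destination only
    {"id": 4, SRC: "192.0.2.13", DST: "198.51.100.22"},   # both sides match
    {"id": 5, SRC: "203.0.113.9", DST: "203.0.113.5"},    # neither
]
```

Only the tree whose top-level operator is AND over two OR groups, one per field, returns just the source-to-destination traffic.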