User guide
iGuard/inSight User Guide
Release 7.0.0.4
59
Command line identifiers can be used alone or as part of a complex query.
Example:
Find Word documents containing credit card numbers that originated from Reconnex and left the
United States, but did not go to Germany.
concept:CCN cont:MSWord sloc:Reconnex\ California -dloc:Germany,United\ States.…
Command Line Identifiers
Use the following identifiers on the Basic Search > Custom command line.
Source and Destination Options
loc:
Search transmission sources and destinations by geographic location
sloc:
Search transmission sources by geographic source
dloc:
Search transmission destinations by geographic destination
Example
loc:US,FR,GB sloc:US dloc:PK
You must use the correct country code when doing a command line location query.
IP Address Options
ip:
Find all traffic entering or leaving this address
sip:
Find traffic sent to this address (source IP)
dip:
Find traffic sent from this address (destination IP)
Examples
On the Basic Search > Custom line, enter the identifier followed by an IP address:
ip:10.1.2.3
sip:10.0.0.0/12
dip:10.0.0.0/24
Use of a net mask is optional; CIDR is supported if you want to use it.