Invalid IP network, skipping {:network=>"10.13.7.0/10.13.7.24"

Vishnu_mk · December 10, 2019, 9:07am

input {
  file {
    path => "/home/a/Documents/iplist.txt"
    start_position => "beginning"
    sincedb_path => "/dev/null"
  }
}
filter {
        grok {
        match => { "message" => "%{IP:src_ip}" }
      }
        cidr {
        add_tag => [ "testnet" ]
        address => [ "%{src_ip}" ]
        #separator => "-"
        network_path => "/home/a/Documents/ip.txt"
       # separator => "//"


      }
}
output {
    stdout { codec => rubydebug }
 }

above is my logstash configuration:

below is my ip.txt file
10.12.7.0-10.12.7.24
10.13.7.0-10.13.7.24

[2019-12-10T14:20:32,135][WARN ][logstash.filters.cidr    ] Invalid IP network, skipping {:network=>"10.12.7.0/10.12.7.24", :event=>#<LogStash::Event:0x21adc04>}
[2019-12-10T14:20:32,137][WARN ][logstash.filters.cidr    ] Invalid IP network, skipping {:network=>"10.13.7.0/10.13.7.24", :event=>#<LogStash::Event:0x21adc04>}
[2019-12-10T14:20:32,139][WARN ][logstash.filters.cidr    ] Invalid IP network, skipping {:network=>"10.12.7.0/10.12.7.24", :event=>#<LogStash::Event:0x50d8fdeb>}
[2019-12-10T14:20:32,140][WARN ][logstash.filters.cidr    ] Invalid IP network, skipping {:network=>"10.13.7.0/10.13.7.24", :event=>#<LogStash::Event:0x50d8fdeb>}
[2019-12-10T14:20:32,141][WARN ][logstash.filters.cidr    ] Invalid IP network, skipping {:network=>"10.12.7.0/10.12.7.24", :event=>#<LogStash::Event:0x4119464f>}
[2019-12-10T14:20:32,142][WARN ][logstash.filters.cidr    ] Invalid IP network, skipping {:network=>"10.13.7.0/10.13.7.24", :event=>#<LogStash::Event:0x4119464f>}
[2019-12-10T14:20:32,143][WARN ][logstash.filters.cidr    ] Invalid IP network, skipping {:network=>"10.12.7.0/10.12.7.24", :event=>#<LogStash::Event:0x5dbd29a8>}
[2019-12-10T14:20:32,144][WARN ][logstash.filters.cidr    ] Invalid IP network, skipping {:network=>"10.13.7.0/10.13.7.24", :event=>#<LogStash::Event:0x5dbd29

My error.

what I want is it should add tag if my Ip is in the specified range if ip.txt file

Badger · December 10, 2019, 3:06pm

That's not the right notation for CIDR. You need two CIDR patterns, 10.12.7.0/28 (which includes 0 to 15) and 10.12.7.16/29 (which includes 16 to 23). Together they include 24 addresses. If you really want .24 as the 25th address then you need a third -- 10.12.7.24/32.

system · January 7, 2020, 3:07pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
CIDR filter reports IP6 addresses as invalid Logstash	2	291	October 8, 2019
Logstash filter cidr error Logstash	11	3938	March 7, 2017
Cidr Plugin - Warn and skipping data... Missing Data Logstash	4	706	August 26, 2020
Logstash CIDR Plugin not working Logstash	2	257	November 15, 2021
Logstash pipeline error date Logstash	11	858	February 15, 2019

Invalid IP network, skipping {:network=>"10.13.7.0/10.13.7.24"

Related topics