We're trying to find a way to check our SolarWinds DB for possible past connections to rogue IP addresses.
I've got two sets of several hundred blacklisted IP addresses from an LE agency and I'm trying to find a way of bouncing those addresses off the server to see if our system has had any contact with these IP's and domains.
Of our SolarWinds modules, we do not have many, the first one to come to mind would be to use our Netflow mod.
Anyone have luck or experience with running such a search?
What about at the server level rather than at the browser app?
Would appreciate the feedback.