Table: detectify_ip
This table contains information about IP addresses monitored and scanned for vulnerabilities by Detectify.
The
token_v3argument is required to use this table, meaning you need to create an API key for v3 on Detectify.
Examples
List all IP Addresses
select ip_address, active, domain_name, geolocation ->> 'country_name' as "country"from detectify_ip;List the currently active IP addresses
select ip_address, active, domain_name, geolocation ->> 'country_name' as "country"from detectify_ip;where active = 'true';Group IP addresses by country
select count(*) as ip_count, geolocation ->> 'country_name' as "country"from detectify_ipgroup by "country";Schema for detectify_ip
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form. | |
| active | boolean | Indicates if the IP is active. | |
| asset_id | text | Asset ID associated with the IP. | |
| autonomous_system | jsonb | Detailed information about the autonomous system. | |
| disappeared_at | timestamp with time zone | Timestamp when the IP disappeared. | |
| domain_name | text | Domain name associated with the IP. | |
| enriched | boolean | Indicates if the IP is enriched. | |
| first_seen_at | timestamp with time zone | Timestamp when the IP was first seen. | |
| geolocation | jsonb | Detailed information about the geolocation. | |
| id | text | Unique ID of the IP item. | |
| ip_address | text | IP address. | |
| ip_version | text | IP version (e.g., IPv4, IPv6). | |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | Steampipe context in JSON form. | |
| team_id | text | Team ID associated with the IP. |