AbuseIPDB + Steampipe
AbuseIPDB allows users to report and identify IP addresses that have been associated with malicious activity online.
Steampipe is an open source CLI to instantly query cloud APIs using SQL.
Query IP address base data from AbuseIPDB:
select ip_address, abuse_confidence_score, last_reported_atfrom abuseipdb_check_ipwhere ip_address = '76.76.21.21'
+-------------+------------------------+---------------------+| ip_address | abuse_confidence_score | last_reported_at |+-------------+------------------------+---------------------+| 76.76.21.21 | 73 | 2021-07-10 15:01:31 |+-------------+------------------------+---------------------+
Documentation
Get started
Install
Download and install the latest AbuseIPDB plugin:
steampipe plugin install abuseipdb
Configuration
Installing the latest abuseipdb plugin will create a config file (~/.steampipe/config/abuseipdb.spc
) with a single connection named abuseipdb
:
connection "abuseipdb" { plugin = "abuseipdb" api_key = "5a76843869c183a4ea901c79102bfa1f667f39a2ea0ba857c9a35a9885d91fbd9c4ae24d6a10999f"}
api_key
- Free API key for authenticated access.
Get involved
- Open source: https://github.com/turbot/steampipe-plugin-abuseipdb
- Community: Slack Channel