turbot/abuseipdb
steampipe plugin install abuseipdb

Table: abuseipdb_category - Query AbuseIPDB Categories using SQL

AbuseIPDB is a service that allows users to report and check IP addresses for known malicious activity. It categorizes IP addresses based on the types of abuse reported, such as fraud orders, DDoS attacks, spam emails, etc. This categorization helps in identifying the nature of the threat posed by a particular IP address.

Table Usage Guide

The abuseipdb_category table provides insights into the categories of IP addresses reported for abusive behavior in the AbuseIPDB. As a security analyst, explore category-specific details through this table, including the types of abuse associated with each category. Utilize it to enhance your understanding of the threat landscape and to aid in decision-making for threat mitigation strategies.

Examples

List the categories

Explore all the categories available in the AbuseIPDB to understand the types of abusive behavior that are tracked, allowing for more efficient and targeted security measures.

select
  *
from
  abuseipdb_category
order by
  id;
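The category table is mainly useful as a lookup: AbuseIPDB report data carries numeric category IDs, and joining on id turns them into titles. The query below is an added example, not part of the plugin documentation. It assumes Steampipe's default PostgreSQL engine, and sample_reports, its rows and its column names are constructed for illustration.

```sql
-- Added example: decode category IDs found in report data into titles.
-- sample_reports is constructed data (documentation-range IPs), not plugin output.
with sample_reports (ip_address, reported_at, category_ids) as (
  values
    ('192.0.2.10'::inet,   '2024-01-05 08:12:00+00'::timestamptz, array[18, 22]::bigint[]),
    ('192.0.2.10'::inet,   '2024-01-05 09:40:00+00'::timestamptz, array[22]::bigint[]),
    ('198.51.100.7'::inet, '2024-01-06 14:03:00+00'::timestamptz, array[14]::bigint[]),
    ('203.0.113.25'::inet, '2024-01-07 21:55:00+00'::timestamptz, array[21, 15]::bigint[])
),
report_categories as (
  -- One row per (report, category id).
  select
    r.ip_address,
    r.reported_at,
    u.category_id
  from
    sample_reports as r
    cross join lateral unnest(r.category_ids) as u (category_id)
)
select
  rc.ip_address,
  rc.category_id,
  -- A left join keeps IDs that have no match in the table, so unknown
  -- categories are surfaced instead of silently dropped.
  coalesce(c.title, 'unknown category') as category_title,
  count(*) as report_count,
  max(rc.reported_at) as last_reported_at
from
  report_categories as rc
  left join abuseipdb_category as c on c.id = rc.category_id
group by
  rc.ip_address,
  rc.category_id,
  c.title
order by
  rc.ip_address,
  report_count desc,
  rc.category_id;
```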

Schema for abuseipdb_category

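| Name | Type | Operators | Description |
|------|------|-----------|-------------|
| _ctx | jsonb | | Steampipe context in JSON form, e.g. connection_name. |
| description | text | | Description of the category. |
| id | bigint | | Category ID. |
| title | text | | Title of the category. |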

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- abuseipdb

You can pass the configuration to the command with the --config argument:

steampipe_export_abuseipdb --config '<your_config>' abuseipdb_category