Table: abuseipdb_category - Query AbuseIPDB Categories using SQL

AbuseIPDB is a service that allows users to report and check IP addresses for known malicious activity. It categorizes IP addresses based on the types of abuse reported, such as fraud orders, DDoS attacks, spam emails, etc. This categorization helps in identifying the nature of the threat posed by a particular IP address.

Table Usage Guide

The abuseipdb_category table provides insights into the categories of IP addresses reported for abusive behavior in the AbuseIPDB. As a security analyst, explore category-specific details through this table, including the types of abuse associated with each category. Utilize it to enhance your understanding of the threat landscape and to aid in decision-making for threat mitigation strategies.

Examples

List the categories

Explore all the categories available in the AbuseIPDB to understand the types of abusive behavior that are tracked, allowing for more efficient and targeted security measures.

select
  *
from
  abuseipdb_category
order by
  id;

select
  *
from
  abuseipdb_category
order by
  id;

Schema for abuseipdb_category

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form.
description	text		Description of the category.
id	bigint		Category ID.
sp_connection_name	text	=, !=, ~~, ~~, !~~, !~~	Steampipe connection name.
sp_ctx	jsonb		Steampipe context in JSON form.
title	text		Title of the category.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- abuseipdb

You can pass the configuration to the command with the --config argument:

steampipe_export_abuseipdb --config '<your_config>' abuseipdb_category