tchivert
/
geoipmysql-py
1
Fork 0
Code
Create and populate a "locations" table with the IP's location informations of a list generated by Cowrie.
29 Commits 1 Branch 0 Tags 47 KiB
Python 100%
Go to file
razian 55c54292a5 Update 'grafana/cowrie.json' 2022-06-02 18:11:32 +02:00
grafana Update 'grafana/cowrie.json' 2022-06-02 18:11:32 +02:00
syslog Add syslog config 2022-02-14 14:27:05 +01:00
systemd Add systemd service, grafana dashboard and improve readme 2022-02-14 12:03:39 +01:00
README.md Add python requirements install 2022-02-17 15:55:19 +01:00
geoipmysql.py Optimize geoip database object usage 2022-03-24 13:33:55 +01:00
requirements.txt Add local geodb backend 2022-03-03 22:41:47 +01:00

README.md

Create and populate a "locations" table with the IP's location informations of a list generated by Cowrie.

Informations

  • Latitude
  • Longitude
  • ISP
  • Country
  • CountryCode

These informations are provided by ip-api.com.

Installation

git clone https://git.rznet.fr/razian/geoipmysql-py.git
pip install -r requirements.txt
chmod +x geoipmysql-py/geoipmysql.py
cp geoipmysql-py/geoipmysql.py /usr/local/bin/geoipmysql

Cowrie configuration

Enable the output_mysql in cowrie.cfg :

[output_mysql]
host = localhost
database = cowrie
username = cowrie
password = <password>
port = 3306
debug = false
enabled = true

Usage

usage: geoipmysql.py [-h] [-a HOST] [-u USER] [-p PORT] [-d DATABASE] [-P PASSWORD] [-r] [-n] [-i] [-m MAX]

optional arguments:
  -h, --help         show this help message and exit
  -a, --address      mysql host
  -u, --user         mysql user
  -p, --port         mysql port
  -d, --database     mysql database
  -P, --password     mysql password
  -r, --regen        drop and recreate locations table
  -n, --new          create a new locations table
  -i, --interactive  ask for confirmation before commit
  -m, --max-rate     max ip-api requests rate