1.2 KiB
1.2 KiB
Create and populate a "locations" table with the IP's location informations of a list generated by Cowrie.
Informations
- Latitude
- Longitude
- ISP
- Country
- CountryCode
These informations are provided by ip-api.com.
Installation
git clone https://git.rznet.fr/razian/geoipmysql-py.git
pip install -r requirements.txt
chmod +x geoipmysql-py/geoipmysql.py
cp geoipmysql-py/geoipmysql.py /usr/local/bin/geoipmysql
Cowrie configuration
Enable the output_mysql in cowrie.cfg :
[output_mysql]
host = localhost
database = cowrie
username = cowrie
password = <password>
port = 3306
debug = false
enabled = true
Usage
usage: geoipmysql.py [-h] [-a HOST] [-u USER] [-p PORT] [-d DATABASE] [-P PASSWORD] [-r] [-n] [-i] [-m MAX]
optional arguments:
-h, --help show this help message and exit
-a, --address mysql host
-u, --user mysql user
-p, --port mysql port
-d, --database mysql database
-P, --password mysql password
-r, --regen drop and recreate locations table
-n, --new create a new locations table
-i, --interactive ask for confirmation before commit
-m, --max-rate max ip-api requests rate