IP address resolver

Take an IP address and perform a geo location search

Overview

Translate IP address to specific geo locations to enable web traffic insights such as web reach, DDOS attacks, location density and frequency.

Example

ip geo resolver:
  name: badActors resovlver
  ip field: ip_address
  response field: ipGeoEntity

  mapping entities:
    source: data/mini_ipaddress.csv

Response

ipGeoLocation:
    country: JP
    area: Tokyo
    city: Minato

Attributes

AttributeDescriptionData TypeRequired

name

Descriptive name of the processor function

String

Default: Random UUID

ip field

Field that holds the ip address to be searched

String

response field

Custom field name to place result of search lookup

String Default: ipGeoLocation

mapping entities

Section describing the parser and file to be used

See mapping entities section

Mapping Entities

File Format

fromip,toip,country,area,city
1.1.1.0     ,1.1.1.255    ,AU,Queensland                       ,Brisbane
1.1.2.0     ,1.1.7.255    ,CN,Fujian                           ,Fuzhou
1.1.8.0     ,1.1.8.255    ,CN,Shanghai Shi                     ,Shanghai
1.1.9.0     ,1.1.63.255   ,CN,Guangdong                        ,Guangzhou
1.1.64.0    ,1.1.112.255  ,JP,Tokyo                            ,Minato
1.1.113.0   ,1.1.113.255  ,JP,Tokyo                            ,Chiyoda
1.1.114.0   ,1.1.125.255  ,JP,Tokyo                            ,Minato
1.1.126.0   ,1.1.127.255  ,JP,Tokyo                            ,Chiyoda

Attributes

AttributeDescriptionData TypeRequired

parser

Custom parser that converts to a custom type that extends GeoNode, see documentation for further details on implementing a GeoNode entity

String Default: IpCityArrowParser

source

File location of the mapping entities

String

PreviousGeo SearchNextReverse geocoding

Last updated