This script is for a Google Cloud Function that allows users to look up information about a given IP address using the ipwhois
library. This can be used in existing automation when logging traffic for systems to detect potentially malicious traffic.
- Accepts an IP address via a POST request.
- Retrieves ownership and other related details about the IP address.
- Returns the information in a JSON format.
- Python 3.x
- Google Cloud SDK (if deploying to Google Cloud Functions)
The required dependencies are:
- Flask
- ipwhois
You can install these using:
pip install Flask ipwhois
-
Navigate to the directory containing the script.
-
Run the script:
python main.py
- Send a POST request with the IP address:
curl -X POST http://127.0.0.1:5000/lookup-ip -H "Content-Type: application/json" -d '{"ip":"8.8.8.8"}'
-
Ensure you have the Google Cloud SDK installed and are authenticated.
-
Deploy the function:
gcloud functions deploy lookup_ip \
--runtime python310 \
--trigger-http \
--allow-unauthenticated \
--entry-point lookup_ip \
--source=.
(Note: Omit the --allow-unauthenticated
flag if you want to secure your function.)
- After deployment, Google Cloud Functions will provide a URL endpoint. Use this URL to send POST requests.
Send a POST request with a JSON payload containing the IP address you want to look up:
{
"ip": "8.8.8.8"
}
๐ by psykrat