mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
55 lines
1.6 KiB
C++
55 lines
1.6 KiB
C++
%%{
|
|
#include <zeek/MMDB.h>
|
|
%%}
|
|
|
|
## Initializes MMDB for later use of lookup_location.
|
|
## Requires Zeek to be built with ``libmaxminddb``.
|
|
##
|
|
## f: The filename of the MaxMind City or Country DB.
|
|
##
|
|
## Returns: A boolean indicating whether the db was successfully opened.
|
|
##
|
|
## .. zeek:see:: lookup_autonomous_system
|
|
function mmdb_open_location_db%(f: string%) : bool
|
|
%{
|
|
return zeek::mmdb_open_location_db(StringValPtr(NewRef(), f));
|
|
%}
|
|
|
|
## Initializes MMDB for later use of lookup_autonomous_system.
|
|
## Requires Zeek to be built with ``libmaxminddb``.
|
|
##
|
|
## f: The filename of the MaxMind ASN DB.
|
|
##
|
|
## Returns: A boolean indicating whether the db was successfully opened.
|
|
##
|
|
## .. zeek:see:: lookup_autonomous_system
|
|
function mmdb_open_asn_db%(f: string%) : bool
|
|
%{
|
|
return zeek::mmdb_open_asn_db(StringValPtr(NewRef(), f));
|
|
%}
|
|
|
|
## Performs a geo-lookup of an IP address.
|
|
## Requires Zeek to be built with ``libmaxminddb``.
|
|
##
|
|
## a: The IP address to lookup.
|
|
##
|
|
## Returns: A record with country, region, city, latitude, and longitude.
|
|
##
|
|
## .. zeek:see:: lookup_autonomous_system
|
|
function lookup_location%(a: addr%) : geo_location
|
|
%{
|
|
return zeek::mmdb_lookup_location(AddrValPtr(NewRef(), a));
|
|
%}
|
|
|
|
## Performs an lookup of AS number & organization of an IP address.
|
|
## Requires Zeek to be built with ``libmaxminddb``.
|
|
##
|
|
## a: The IP address to lookup.
|
|
##
|
|
## Returns: A record with autonomous system number and organization that contains *a*.
|
|
##
|
|
## .. zeek:see:: lookup_location
|
|
function lookup_autonomous_system%(a: addr%) : geo_autonomous_system
|
|
%{
|
|
return zeek::mmdb_lookup_autonomous_system(AddrValPtr(NewRef(), a));
|
|
%}
|