AHooijdonk / private-geoip.yaml
Created Apr 30, 2019
Sample dictionary file for use with cef-source.conf and cidr2regex.py. Order the CIDR entries from smallest to largest subnet.
View private-geoip.yaml
^(123\.123\.123\.16)$: "Wake Atoll National Wildlife Refuge,Wake Island,19.2932614,166.6345151"
^(1[01]\.(?:[0-9]|[1-9][0-9]|1(?:[0-9][0-9])|2(?:[0-4][0-9]|5[0-5]))\.(?:[0-9]|[1-9][0-9]|1(?:[0-9][0-9])|2(?:[0-4][0-9]|5[0-5]))\.(?:[0-9]|[1-9][0-9]|1(?:[0-9][0-9])|2(?:[0-4][0-9]|5[0-5])))$: "Honolulu,Hawaii,21.3280193,-157.8691128"
AHooijdonk / cef-source.conf
Last active Apr 30, 2019
Logstash conf file to use with the private IP translate dictionary to add GEOIP data.
View cef-source.conf
# CEF source using translate and a dictionary file for mapping private IP ranges to location (GEOIP) data for Logstash
input {
  udp {
    port => <number>
    codec => "cef"
    tags => ["cef-source"]
    id => "cef-source"
  }
}
filter {
View cidr2regex.py
#!/usr/bin/python
''' Not my script, found on the Internet. Thanks go out to the original creator, whoever you may be, d-fault.nl and nprintz
'''
from __future__ import division
from __future__ import print_function
import sys
def cidr_to_regex(cidr):
    ip, prefix = cidr.split('/')