{"id":27979347,"url":"https://github.com/jon-brandy/holmesgeo","last_synced_at":"2025-05-08T02:52:20.508Z","repository":{"id":291919672,"uuid":"979182661","full_name":"jon-brandy/HolmesGeo","owner":"jon-brandy","description":"A simple, modular tool for extracting and analyzing IP addresses from multiple sources.","archived":false,"fork":false,"pushed_at":"2025-05-07T11:38:19.000Z","size":125,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-08T02:52:17.848Z","etag":null,"topics":["cybersecurity","ipgeolocation","python","threat-intelligence"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jon-brandy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-07T06:01:31.000Z","updated_at":"2025-05-07T11:38:22.000Z","dependencies_parsed_at":"2025-05-07T08:23:37.728Z","dependency_job_id":"16179045-a7f1-48b2-b22f-1eba1b3d26e7","html_url":"https://github.com/jon-brandy/HolmesGeo","commit_stats":null,"previous_names":["jon-brandy/holmesgeo"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-brandy%2FHolmesGeo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-brandy%2FHolmesGeo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-brandy%2FHolmesGeo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-brandy%2FHolmesGeo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jon-brandy","download_url":"https://codeload.github.com/jon-brandy/HolmesGeo/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252989937,"owners_count":21836666,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","ipgeolocation","python","threat-intelligence"],"created_at":"2025-05-08T02:52:19.794Z","updated_at":"2025-05-08T02:52:20.502Z","avatar_url":"https://github.com/jon-brandy.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# HolmesGeo: A Simple Tool for IP Geolocation Check.\n\n\u003cp align=\"center\"\u003e\n   \u003cimg src=\"https://github.com/user-attachments/assets/078a61db-b3ac-4dcc-a1e3-2f25a14ba274\" width=\"350\"\u003e\n\u003c/p\u003e\n\n\n## [📃] Features\n\n- Extract IP addresses from Apache log files\n- Extract IP addresses from CSV files\n- Read IP addresses from stdin or text files\n- Get geographic and network information for IP addresses\n- Generate reports in CSV and Excel formats\n\n## [⚙️] Installation\n\n\u003e [!WARNING]\n\u003e For security reasons, we recommend using your own Account ID and License Key. For guidance on how to obtain these, please refer to our [WIKI](https://github.com/jon-brandy/HolmesGeo/wiki/How-to-Obtain-GeoLite2-License-from-MaxMind).\n\n```txt\n# Can be seen at install.sh\n21 ...\n22 ...\n23 UserId \u003c\u003cPASTE_ACCOUNT_ID_HERE\u003e\u003e\n24 LicenseKey \u003c\u003cPASTE_LICENSE_KEY_HERE\u003e\u003e\n25 EditionIDs GeoLite2-Country GeoLite2-City GeoLite2-ASN\n26 DatabaseDirectory /usr/local/share/GeoIP\n27 EOF'\n28 ...\n29 ...\n```\n\n```bash\ngit clone https://github.com/jon-brandy/simple_ipcheck.git\ncd simple_ipcheck\nchmod +x install.sh\n./install.sh\n```\n\n## [✅] Basic Usage\n\n\u003e [!NOTE]\n\u003e HolmesGeo can be run in several ways, note that the current directory for this example is at /HolmesGeo/\n\n\u003e ### Command Line Interface\n\n```bash\n# Using the run script\n./chk.sh [OPTIONS]\n\n# Or directly with Python\nsource venv/bin/python\npython3 -m holmesMod.main [OPTIONS]\n```\n\n## [🧠] Command Line Options\n\n| Option | Description |\n|--------|-------------|\n| `--apache FILE` | Extract IPs from an Apache log file |\n| `--csv FILE` | Extract IPs from a CSV file |\n| `--check FILE` | Check IPs from a text file (one IP per line) |\n| `--column NAME` | Specify column name for IP addresses in CSV mode |\n\n## [✏️] Usage Examples\n\n\u003e ### Extract IPs from Apache Log File\n\n```bash\n./chk.sh --apache samples/sample_log.txt\npython3 -m holmesMod.main --apache apache.log\n```\n\nThis extracts all IP addresses from the Apache log file and checks their geolocation and network information.\n\n\u003e ### Extract IPs from CSV File\n\n```bash\n# Extract from all columns\n./chk.sh --csv samples/sample.csv\npython3 -m holmesMod.main --csv file.csv\n\n# Extract from a specific column\n./chk.sh --csv samples/sample.csv --column ip_address\npython3 -m holmesMod.main --csv file.csv --column source_ip\n```\n\n\u003e ### Check IPs from a Text File\n\n```bash\n./chk.sh --check samples/iplist.txt.txt\npython3 -m holmesMod.main --check list_ip.txt\n```\n\n\u003e ### Pipe IPs Directly to the Tool\n\n```bash\necho \"8.8.8.8\" | ./chk.sh\necho -e \"8.8.8.8\\n37.252.185.229\" | ./chk.sh\ncat samples/iplist.txt| ./chk.sh\ncat ip.txt | python -m holmesMod.main\n```\n\n## [❓] Output\n\nThe tool generates two output files in the `results` directory:\n\n1. A CSV file containing the following information for each IP:\n- IP Address\n- City\n- City Latitude\n- City Longitude\n- Country\n- Country Code\n- Continent\n- ASN Number\n- ASN Organization\n- Network\n\n2. An Excel (XLSX) file with the same information, formatted for better readability.\n\n## [📝] Working with the Results\n\n\u003e [!NOTE]\n\u003e **The results are saved in the `holmesMod/results` directory. Each run creates new files with names based on the input source.**\n\nFor stdin input:\n```\nstdin_YYYYMMDD_HHMMSS.csv\nstdin_YYYYMMDD_HHMMSS.xlsx\n```\n\nFor file input:\n```\nfilename_ipinfo.csv\nfilename_ipinfo.xlsx\n```\n\nIf a file with the same name already exists, a versioned filename is created:\n```\nfilename_ipinfo_v1.csv\nfilename_ipinfo_v1.xlsx\n```\n\n## [⛓️] Troubleshooting\n\n\u003e [!TIP]\n\u003e ### Database Issues  \n\u003e If you receive database-related errors, kindly make sure these things.\n\n1. The GeoIP databases are correctly installed:\n   \n```bash\nls -la holmesMod/db/\n```\n\n2. Run the installation script to update databases:\n   \n```bash\n./install.sh\n```\n\n\n\u003e [!TIP]\n\u003e ### Permission Issues  \n\u003e If you encounter permission issues, run the following commands to fix the permissions for the database files and results directory.\n\n\n```bash\n# Fix permissions for database files\nsudo chown -R $USER:$USER holmesMod/db/\nchmod 644 holmesMod/db/*.mmdb\n\n# Fix permissions for results directory\nchmod -R 755 holmesMod/results/\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjon-brandy%2Fholmesgeo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjon-brandy%2Fholmesgeo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjon-brandy%2Fholmesgeo/lists"}