https://github.com/cgivre/drill-geoip-functions

GeoIP Functions for Apache Drill
https://github.com/cgivre/drill-geoip-functions

apache-drill city country data data-analysis data-science drill geoip-functions ip-address ipv4

Last synced: 6 months ago
JSON representation

GeoIP Functions for Apache Drill

• Host: GitHub
• URL: https://github.com/cgivre/drill-geoip-functions
• Owner: cgivre
• License: apache-2.0
• Created: 2017-01-29T00:29:53.000Z (over 8 years ago)
• Default Branch: master
• Last Pushed: 2019-09-25T14:50:56.000Z (about 6 years ago)
• Last Synced: 2025-03-25T23:34:47.466Z (7 months ago)
• Topics: apache-drill, city, country, data, data-analysis, data-science, drill, geoip-functions, ip-address, ipv4
• Language: Java
• Size: 57.1 MB
• Stars: 5
• Watchers: 1
• Forks: 6
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# GeoIP Functions for Apache Drill

This is a collection of GeoIP functions for Apache Drill. These functions are a wrapper for the MaxMind GeoIP Database.

IP Geo-Location is inherently imprecise and should never be relied on to get anything more than a general sense of where the traffic is coming from. 

* **`getCountryName(  )`**:  This function returns the country name of the IP address, "Unknown" if the IP is unknown or invalid.

* **`getCountryConfidence(  )`**:  This function returns the confidence score of the country ISO code of the IP address.

* **`getCountryISOCode(  )`**:  This function returns the country ISO code of the IP address, "Unknown" if the IP is unknown or invalid.

* **`getCityName(  )`**:  This function returns the city name of the IP address, "Unknown" if the IP is unknown or invalid.

* **`getCityConfidence(  )`**:  This function returns confidence score of the city name of the IP address.

* **`getLatitude(  )`**:  This function returns the latitude associated with the IP address.

* **`getLongitude(  )`**:  This function returns the longitude associated with the IP address.

* **`getTimezone(  )`**:  This function returns the timezone associated with the IP address.

* **`getAccuracyRadius(  )`**:  This function returns the accuracy radius associated with the IP address, 0 if unknown.

* **`getAverageIncome(  )`**:  This function returns the average income of the region associated with the IP address, 0 if unknown.

* **`getMetroCode(  )`**:  This function returns the metro code of the region associated with the IP address, 0 if unknown.

* **`getPopulationDensity(  )`**:  This function returns the population density associated with the IP address.

* **`getPostalCode(  )`**:  This function returns the postal code associated with the IP address.

* **`getCoordPoint(  )`**:  This function returns a point for use in GIS functions of the lat/long of associated with the IP address.

* **`getASN(  )`**:  This function returns the autonomous system of the IP address, "Unknown" if the IP is unknown or invalid.

* **`getASNOrganization(  )`**:  This function returns the autonomous system organization of the IP address, "Unknown" if the IP is unknown or invalid.

* **`isEU(  ), isEuropeanUnion(  )`**:  This function returns `true` if the ip address is located in the European Union, `false` if not.

* **`isAnonymous(  )`**:  This function returns `true` if the ip address is anonymous, `false` if not.

* **`isAnonymousVPN(  )`**:  This function returns `true` if the ip address is an anonymous virtual private network (VPN), `false` if not.

* **`isHostingProvider(  )`**:  This function returns `true` if the ip address is a hosting provider, `false` if not.

* **`isPublciProxy(  )`**:  This function returns `true` if the ip address is a public proxy, `false` if not.

* **`isTORExitNode(  )`**:  This function returns `true` if the ip address is a known TOR exit node, `false` if not.

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

## Protocol Lookup Functions

These functions provide a convenience lookup capability for port numbers. They will accept port numbers as either an int or string.

* `get_service_name(, )`:  This function returns the service name for a port and protocol combination.  

```

apache drill> select get_service_name(666, 'tcp') as service from (values(1));

+------------------+

|     service      |

+------------------+

| doom Id Software |

+------------------+

1 row selected (0.178 seconds)

```

* `get_short_service_name(, )`: Same as above but returns a short protocol name. 

```

apache drill> select get_short_service_name(21, 'tcp') as service from (values(1));

   +---------+

   | service |

   +---------+

   | ftp     |

   +---------+

   1 row selected (0.112 seconds)

   ```