boB Rudis
3 years ago
18 changed files with 384 additions and 8 deletions
@ -0,0 +1,2 @@ |
|||
YEAR: 2021 |
|||
COPYRIGHT HOLDER: Bob Rudis |
@ -0,0 +1,21 @@ |
|||
# MIT License |
|||
|
|||
Copyright (c) 2021 Bob Rudis |
|||
|
|||
Permission is hereby granted, free of charge, to any person obtaining a copy |
|||
of this software and associated documentation files (the "Software"), to deal |
|||
in the Software without restriction, including without limitation the rights |
|||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|||
copies of the Software, and to permit persons to whom the Software is |
|||
furnished to do so, subject to the following conditions: |
|||
|
|||
The above copyright notice and this permission notice shall be included in all |
|||
copies or substantial portions of the Software. |
|||
|
|||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|||
SOFTWARE. |
@ -1,4 +1,8 @@ |
|||
# Generated by roxygen2: do not edit by hand |
|||
|
|||
export(qr_api_key) |
|||
export(qr_ip_lookup) |
|||
export(qr_tidy) |
|||
export(qr_whois) |
|||
import(httr) |
|||
importFrom(jsonlite,fromJSON) |
|||
|
@ -0,0 +1 @@ |
|||
.qradar_ua <- "Mozilla/5.0 (Compatible; r-qradar/1.0; https://gitlab.com/hrbrmstr/qradar)" |
@ -0,0 +1,34 @@ |
|||
#' Get or set QRATOR_RADAR_API_KEY value |
|||
#' |
|||
#' The API wrapper functions in this package all rely on a Qrator Radar API |
|||
#' key residing in the environment variable \code{QRATOR_RADAR_API_KEY}. The |
|||
#' easiest way to accomplish this is to set it in the `\code{.Renviron}` file in your |
|||
#' home directory. |
|||
#' |
|||
#' @param force force setting a new Qrator Radar API key for the current environment? |
|||
#' @return atomic character vector containing the Qrator Radar API key |
|||
#' @export |
|||
qr_api_key <- function(force = FALSE) { |
|||
|
|||
env <- Sys.getenv('QRATOR_RADAR_API_KEY') |
|||
if (!identical(env, "") && !force) return(env) |
|||
|
|||
if (!interactive()) { |
|||
stop("Please set env var QRATOR_RADAR_API_KEY to your Qrator Radar API key", |
|||
call. = FALSE) |
|||
} |
|||
|
|||
message("Couldn't find env var QRATOR_RADAR_API_KEY See ?QRATOR_RADAR_API_KEY for more details.") |
|||
message("Please enter your API key and press enter:") |
|||
pat <- readline(": ") |
|||
|
|||
if (identical(pat, "")) { |
|||
stop("Qrator Radar API key entry failed", call. = FALSE) |
|||
} |
|||
|
|||
message("Updating QRATOR_RADAR_API_KEY env var to PAT") |
|||
Sys.setenv(QRATOR_RADAR_API_KEY = pat) |
|||
|
|||
pat |
|||
|
|||
} |
@ -0,0 +1,27 @@ |
|||
#' Get list of Prefixes/ASNs for selected IP |
|||
#' |
|||
#' @param ip IP to lookup |
|||
#' @param api_key your Qrator Radar API key; see [qr_api_key()]. |
|||
#' @return list (use [qr_tidy()] to turn the raw API result into a data frame) |
|||
#' @export |
|||
#' @examples |
|||
#' qr_tidy(qr_ip_lookup("17.253.144.10")) |
|||
qr_ip_lookup <- function(ip, api_key = qr_api_key()) { |
|||
|
|||
httr::GET( |
|||
url = "https://api.radar.qrator.net/v1/lookup/ip", |
|||
httr::add_headers(`QRADAR-API-KEY` = api_key), |
|||
httr::user_agent(.qradar_ua), |
|||
query = list(query = ip[1]) |
|||
) -> res |
|||
|
|||
httr::stop_for_status(res) |
|||
|
|||
out <- httr::content(res, as = "text", encoding = "UTF-8") |
|||
out <- jsonlite::fromJSON(out) |
|||
|
|||
class(out) <- c("qr_ip", "list") |
|||
|
|||
out |
|||
|
|||
} |
@ -0,0 +1,13 @@ |
|||
#' Turn a Qrator Radar raw API result into a data frame |
|||
#' |
|||
#' @param res raw QRator Radar API result from the query functions in |
|||
#' this package. |
|||
#' @return data frame |
|||
#' @export |
|||
#' @examples |
|||
#' qr_tidy(qr_ip_lookup("17.253.144.10")) |
|||
qr_tidy <- function(res) { |
|||
|
|||
res$data |
|||
|
|||
} |
@ -0,0 +1,37 @@ |
|||
#' Retrieve the raw WHOIS record for a given autonomous system |
|||
#' |
|||
#' @param asn autonomous system number; should be just the number but |
|||
#' the function will also work if the input is prefixed with |
|||
#' "AS" or "as" |
|||
#' @return character |
|||
#' @export |
|||
#' @examples |
|||
#' qr_whois("7015") |
|||
qr_whois <- function(asn) { |
|||
|
|||
asn <- gsub("[^[:digit:]]", "", as.character(asn[1])) |
|||
|
|||
httr::GET( |
|||
url = sprintf("https://radar.qrator.net/as%s/getwhois", asn), |
|||
httr::add_headers( |
|||
`Connection` = "keep-alive", |
|||
`Accept` = "application/json, text/javascript, */*; q=0.01", |
|||
`User-Agent` = "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_3_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.47 Safari/537.36 Edg/89.0.774.27", |
|||
`X-Requested-With` = "XMLHttpRequest", |
|||
`Sec-Fetch-Site` = "same-origin", |
|||
`Sec-Fetch-Mode` = "cors", |
|||
`Sec-Fetch-Dest` = "empty", |
|||
`Referer` = "https://radar.qrator.net/as7015/whois", |
|||
`Accept-Language` = "en-US,en;q=0.9" |
|||
), |
|||
httr::set_cookies(QRADARSESSION = "k9so4i4k4opvr92kf0psa0sm85") # good until 2072 |
|||
) -> res |
|||
|
|||
httr::stop_for_status(res) |
|||
|
|||
out <- httr::content(res, as = "text", encoding = "UTF-8") |
|||
out <- jsonlite::fromJSON(out) |
|||
|
|||
out$entry |
|||
|
|||
} |
@ -0,0 +1,127 @@ |
|||
|
|||
[![Project Status: Active – The project has reached a stable, usable |
|||
state and is being actively |
|||
developed.](https://www.repostatus.org/badges/latest/active.svg)](https://www.repostatus.org/#active) |
|||
[![Signed |
|||
by](https://img.shields.io/badge/Keybase-Verified-brightgreen.svg)](https://keybase.io/hrbrmstr) |
|||
![Signed commit |
|||
%](https://img.shields.io/badge/Signed_Commits-100%25-lightgrey.svg) |
|||
[![Linux build |
|||
Status](https://travis-ci.org/hrbrmstr/qradar.svg?branch=master)](https://travis-ci.org/hrbrmstr/qradar) |
|||
![Minimal R |
|||
Version](https://img.shields.io/badge/R%3E%3D-3.6.0-blue.svg) |
|||
![License](https://img.shields.io/badge/License-MIT-blue.svg) |
|||
|
|||
# qradar |
|||
|
|||
Gather Autonomous System, IP Address, and Routing Information from |
|||
Qrator Radar |
|||
|
|||
## Description |
|||
|
|||
Qrator has an API (<https://api.radar.qrator.net/>) that can be queried |
|||
for information on autonomous systems, IP addresses, and various |
|||
internet routing metadata. Tools are provided to perform these queries |
|||
and retrieve resultsets. Note that an account is needed to generate the |
|||
free API key which is required for all API calls. |
|||
|
|||
## What’s Inside The Tin |
|||
|
|||
The following functions are implemented: |
|||
|
|||
- `qr_api_key`: Get or set QRATOR\_RADAR\_API\_KEY value |
|||
- `qr_ip_lookup`: Get list of Prefixes/ASNs for selected IP |
|||
- `qr_tidy`: Turn a Qrator Radar raw API result into a data frame |
|||
- `qr_whois`: Retrieve the raw WHOIS record for a given autonomous |
|||
system |
|||
|
|||
## TODO |
|||
|
|||
The rest of [the API](https://api.radar.qrator.net/). |
|||
|
|||
## Installation |
|||
|
|||
``` r |
|||
remotes::install_git("https://git.rud.is/hrbrmstr/qradar.git") |
|||
# or |
|||
remotes::install_gitlab("hrbrmstr/qradar") |
|||
# or |
|||
remotes::install_bitbucket("hrbrmstr/qradar") |
|||
# or |
|||
remotes::install_github("hrbrmstr/qradar") |
|||
``` |
|||
|
|||
NOTE: To use the ‘remotes’ install options you will need to have the |
|||
[{remotes} package](https://github.com/r-lib/remotes) installed. |
|||
|
|||
## Usage |
|||
|
|||
``` r |
|||
library(qradar) |
|||
|
|||
# current version |
|||
packageVersion("qradar") |
|||
## [1] '0.1.0' |
|||
``` |
|||
|
|||
``` r |
|||
qr_tidy(qr_ip_lookup("17.253.144.10")) |
|||
## id name short_descr prefix as_num found_ips |
|||
## 1 714 APPLE-ENGINEERING 17.0.0.0/8 714 {17.253.144.10} |
|||
## 2 714 APPLE-ENGINEERING 17.128.0.0/9 714 {17.253.144.10} |
|||
## 3 714 APPLE-ENGINEERING 17.253.0.0/16 714 {17.253.144.10} |
|||
## 4 714 APPLE-ENGINEERING 17.253.144.0/21 714 {17.253.144.10} |
|||
|
|||
cat(qr_whois("7015")) |
|||
## ASNumber: 7015 |
|||
## ASName: COMCAST-7015 |
|||
## ASHandle: AS7015 |
|||
## RegDate: 2001-12-20 |
|||
## Updated: 2021-01-25 |
|||
## Ref: https://rdap.arin.net/registry/autnum/7015 |
|||
## |
|||
## OrgName: Comcast Cable Communications, LLC |
|||
## OrgId: CCCS |
|||
## Address: 1800 Bishops Gate Blvd |
|||
## City: Mt Laurel |
|||
## StateProv: NJ |
|||
## PostalCode: 08054 |
|||
## Country: US |
|||
## RegDate: 2001-09-18 |
|||
## Updated: 2020-11-18 |
|||
## Ref: https://rdap.arin.net/registry/entity/CCCS |
|||
## |
|||
## OrgTechHandle: IC161-ARIN |
|||
## OrgTechName: Comcast Cable Communications Inc |
|||
## OrgTechPhone: +1-856-317-7200 |
|||
## OrgTechEmail: CNIPEO-Ip-registration@cable.comcast.com |
|||
## OrgTechRef: https://rdap.arin.net/registry/entity/IC161-ARIN |
|||
## |
|||
## OrgRoutingHandle: ROUTI25-ARIN |
|||
## OrgRoutingName: Routing |
|||
## OrgRoutingPhone: +1-856-317-7200 |
|||
## OrgRoutingEmail: routing@comcast.com |
|||
## OrgRoutingRef: https://rdap.arin.net/registry/entity/ROUTI25-ARIN |
|||
## |
|||
## OrgAbuseHandle: NAPO-ARIN |
|||
## OrgAbuseName: Network Abuse and Policy Observance |
|||
## OrgAbusePhone: +1-888-565-4329 |
|||
## OrgAbuseEmail: abuse@comcast.net |
|||
## OrgAbuseRef: https://rdap.arin.net/registry/entity/NAPO-ARIN |
|||
``` |
|||
|
|||
## qradar Metrics |
|||
|
|||
| Lang | \# Files | (%) | LoC | (%) | Blank lines | (%) | \# Lines | (%) | |
|||
|:-----|---------:|-----:|----:|-----:|------------:|-----:|---------:|----:| |
|||
| R | 7 | 0.44 | 60 | 0.43 | 23 | 0.27 | 49 | 0.3 | |
|||
| Rmd | 1 | 0.06 | 10 | 0.07 | 19 | 0.23 | 32 | 0.2 | |
|||
| SUM | 8 | 0.50 | 70 | 0.50 | 42 | 0.50 | 81 | 0.5 | |
|||
|
|||
clock Package Metrics for qradar |
|||
|
|||
## Code of Conduct |
|||
|
|||
Please note that this project is released with a Contributor Code of |
|||
Conduct. By participating in this project you agree to abide by its |
|||
terms. |
@ -0,0 +1,20 @@ |
|||
% Generated by roxygen2: do not edit by hand |
|||
% Please edit documentation in R/api-key.R |
|||
\name{qr_api_key} |
|||
\alias{qr_api_key} |
|||
\title{Get or set QRATOR_RADAR_API_KEY value} |
|||
\usage{ |
|||
qr_api_key(force = FALSE) |
|||
} |
|||
\arguments{ |
|||
\item{force}{force setting a new Qrator Radar API key for the current environment?} |
|||
} |
|||
\value{ |
|||
atomic character vector containing the Qrator Radar API key |
|||
} |
|||
\description{ |
|||
The API wrapper functions in this package all rely on a Qrator Radar API |
|||
key residing in the environment variable \code{QRATOR_RADAR_API_KEY}. The |
|||
easiest way to accomplish this is to set it in the \verb{\code{.Renviron}} file in your |
|||
home directory. |
|||
} |
@ -0,0 +1,22 @@ |
|||
% Generated by roxygen2: do not edit by hand |
|||
% Please edit documentation in R/ip-lookup.R |
|||
\name{qr_ip_lookup} |
|||
\alias{qr_ip_lookup} |
|||
\title{Get list of Prefixes/ASNs for selected IP} |
|||
\usage{ |
|||
qr_ip_lookup(ip, api_key = qr_api_key()) |
|||
} |
|||
\arguments{ |
|||
\item{ip}{IP to lookup} |
|||
|
|||
\item{api_key}{your Qrator Radar API key; see \code{\link[=qr_api_key]{qr_api_key()}}.} |
|||
} |
|||
\value{ |
|||
list (use \code{\link[=qr_tidy]{qr_tidy()}} to turn the raw API result into a data frame) |
|||
} |
|||
\description{ |
|||
Get list of Prefixes/ASNs for selected IP |
|||
} |
|||
\examples{ |
|||
qr_tidy(qr_ip_lookup("17.253.144.10")) |
|||
} |
@ -0,0 +1,21 @@ |
|||
% Generated by roxygen2: do not edit by hand |
|||
% Please edit documentation in R/tidy.R |
|||
\name{qr_tidy} |
|||
\alias{qr_tidy} |
|||
\title{Turn a Qrator Radar raw API result into a data frame} |
|||
\usage{ |
|||
qr_tidy(res) |
|||
} |
|||
\arguments{ |
|||
\item{res}{raw QRator Radar API result from the query functions in |
|||
this package.} |
|||
} |
|||
\value{ |
|||
data frame |
|||
} |
|||
\description{ |
|||
Turn a Qrator Radar raw API result into a data frame |
|||
} |
|||
\examples{ |
|||
qr_tidy(qr_ip_lookup("17.253.144.10")) |
|||
} |
@ -0,0 +1,22 @@ |
|||
% Generated by roxygen2: do not edit by hand |
|||
% Please edit documentation in R/whois.R |
|||
\name{qr_whois} |
|||
\alias{qr_whois} |
|||
\title{Retrieve the raw WHOIS record for a given autonomous system} |
|||
\usage{ |
|||
qr_whois(asn) |
|||
} |
|||
\arguments{ |
|||
\item{asn}{autonomous system number; should be just the number but |
|||
the function will also work if the input is prefixed with |
|||
"AS" or "as"} |
|||
} |
|||
\value{ |
|||
character |
|||
} |
|||
\description{ |
|||
Retrieve the raw WHOIS record for a given autonomous system |
|||
} |
|||
\examples{ |
|||
qr_whois("7015") |
|||
} |
Loading…
Reference in new issue