class Ukemi::Services::CIRCL

Private Instance Methods

api() click to toggle source
# File lib/ukemi/services/circl.rb, line 14
def api
  @api ||= PassiveCIRCL::API.new
end
config_keys() click to toggle source
# File lib/ukemi/services/circl.rb, line 10
def config_keys
  %w[CIRCL_PASSIVE_USERNAME CIRCL_PASSIVE_PASSWORD]
end
lookup_by_domain(data) click to toggle source
# File lib/ukemi/services/circl.rb, line 18
def lookup_by_domain(data)
  passive_dns_lookup(data, "rdata")
end
lookup_by_ip(data) click to toggle source
# File lib/ukemi/services/circl.rb, line 22
def lookup_by_ip(data)
  passive_dns_lookup(data, "rrname")
end
passive_dns_lookup(data, key = nil) click to toggle source
# File lib/ukemi/services/circl.rb, line 26
def passive_dns_lookup(data, key = nil)
  results = api.dns.query(data)
  results = results.select do |result|
    result["rrtype"] == "A"
  end

  results.map do |result|
    Record.new(
      data: result[key],
      first_seen: Time.at(result["time_first"]).to_date.to_s,
      last_seen: Time.at(result["time_last"]).to_date.to_s,
      source: name
    )
  end
end