Hi everyone Have anybody seen or create a query able to perf

Question

Hi everyone Have anybody seen or create a query able to perform geolocation either by querying an external source or pointing a range of IPs Thank you

seph · Answer

There are some tables that have information that can be used for geolocation wifi ssids for example Though I also think that one has gone through some changes on what apple exposes

seph · Answer

IP addresses are a bit weirder osquery only has access to what the machine thinks it s IP address is not what the external IP of any NAT interfaces are

seph · Answer

So either you have a server that looks at inbound connections you use the curl table to hit something or you can t reliably get external IP

defensivedepth · Answer

You could hit an API like this to get the public IP

zwass · Answer

I discuss a strategy like the one suggested by < defensivedepth> in

William Guilherme · Answer

Thank you gentleman This was super helpful Much appreciated