chx is a go application that faciliates investigation of IP addresses in the terminal so as to avoid the need to context switch when you are already working in the terminal. For now, chx only makes use of AbuseIP DB, but future plan include integrations into into Crowdsec, and OTX.
The easiest way to install chx is go:
go install github.com/EpykLab/chx@latest
Prebuilt binaries are also avaiable for download in the realease section.
The only requirement for setup is configuring the AbuseIP API key. If you don't have one already, you will need to set up a free AbuseIP account. Once you have one, Create and export API key as an environmental variable with the following:
export abuseipdbkey=<apikey>
export crowdseckey=<apikey>
A convenient way to have this always available is to add it you your .bashrc/.zshrc file, like so:
echo "export abuseipdbkey=<apikey>" >> ~/.zshrc
echo "export crowdseckey=<apikey>" >> ~/.zshrc
Note that in feature version of this tools we will like migrate to a dedicated config file as there are other services we would like to incorporate.
Using chx is simple. simple run the following:
chx <ip addr>
This will return a json object that can be piped into jq
for further manipulation.
chx can also return data within a give time span. For example, you can retrieve the reported information for an IP address over the 30 days. This is passed in as the second argument to chx but is not required. For example:
chx 170.205.29.2 20
This will return all information for 170.205.29.2
over the past 20 days. If no
time space is specifed, chx defaults to ruturning information over the past 90 calander days.