A proof of concept osquery extension to determine a user's current physical location by municipality, based-on the device's wifi site survey and calculated by Google.
This system was designed to determine if a user accessing a FedRAMP environment was disrespecting the geography-based firewall rule by employing a VPN.
Tested successfully on Windows 10 and Pop!OS.
MacOS is not supported due to Apple sterilizing location information.
Start osquery as osqueryi --extensions_socket=~/.osquery/shell.em
THEN start daemon as ./GeoSnitch --socket ~/.osquery/shell.em