diff --git a/src/ids.js b/src/ids.js
new file mode 100644
index 0000000..e2ef4cd
--- /dev/null
+++ b/src/ids.js
@@ -0,0 +1,34 @@
+import { createWriteStream } from 'node:fs'
+import { open } from 'node:fs/promises'
+
+const ips = await open('ip.txt')
+
+const suricata = createWriteStream('../public/botnet-filter-suricata.rules', {
+ encoding: 'utf8',
+ flags: 'a'
+})
+const splunk = createWriteStream('../public/botnet-filter-splunk.csv', {
+ encoding: 'utf8',
+ flags: 'a'
+})
+
+let sid = 600000001
+
+for await (const line of ips.readLines()) {
+ if (!URL.canParse(`http://${line}`)) {
+ console.error(`Invalid URL: ${line}`)
+ continue
+ }
+
+ const url = new URL(`http://${line}`)
+ const suricataIp = url.hostname.replace(/\[|\]/g, '"')
+ const splunkIp = url.hostname.replace(/\[|\]/g, '')
+
+ suricata.write(`alert ip $HOME_NET any -> [${suricataIp}] any (msg:"botnet-filter botnet IP detected\"; classtype:trojan-activity; sid:${sid}; rev:1;)\n`)
+ splunk.write(`"${splunkIp}","botnet-filter botnet IP detected","${process.env.CURRENT_TIME}"\n`)
+
+ sid++
+}
+
+suricata.close()
+splunk.close()
diff --git a/src/script.sh b/src/script.sh
index 6791dff..da7dc77 100644
--- a/src/script.sh
+++ b/src/script.sh
@@ -151,19 +151,8 @@ set +x
 rm "../public/botnet-filter-suricata.rules" \
 "../public/botnet-filter-splunk.csv"
-SID="600000001"
-while read line; do
- IP=$(printf "$line" | sed -r 's/\[|\]/"/g')
- SR_RULE="alert ip \$HOME_NET any -> [$IP] any (msg:\"botnet-filter botnet IP detected\"; classtype:trojan-activity; sid:$SID; rev:1;)"
-
- IP=$(printf "$line" | sed -r 's/\[|\]//g')
- SP_RULE="\"$IP\",\"botnet-filter botnet IP detected\",\"$CURRENT_TIME\""
-
- echo "$SR_RULE" >> "../public/botnet-filter-suricata.rules"
- echo "$SP_RULE" >> "../public/botnet-filter-splunk.csv"
-
- SID=$(( $SID + 1 ))
-done < "ip.txt"
+export CURRENT_TIME
+node "../src/ids.js"
 set -x
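Review bot: The guard at `if (!URL.canParse(`http://${line}`))` only establishes that the line forms a parseable URL host, not that it is an IP address, so a bare domain name or any other non-IP token in ip.txt passes through into the `alert ip $HOME_NET any -> [...]` rule and the CSV row unchanged; the removed shell loop had no check at all, but the new one reads as validation while the message `Invalid URL` says nothing about IPs. Validate the parsed, bracket-stripped hostname with `isIP` from `node:net` and skip any line for which it returns 0, as in the rewrite below, which also reuses the stripped host for the splunk column. Separately, `${process.env.CURRENT_TIME}` on the splunk.write line interpolates the literal string `undefined` into the CSV timestamp column whenever the variable is unset, which is easy to miss because the script hunk exports it without a default; a fail-fast `if (!process.env.CURRENT_TIME) throw new Error('CURRENT_TIME is not set')` before the loop would surface that at generation time instead of in the published file.
```javascript
import { isIP } from 'node:net'
// … unchanged: other imports, stream setup, sid …

for await (const line of ips.readLines()) {
  // … unchanged: URL.canParse guard …

  const url = new URL(`http://${line}`)
  // URL keeps IPv6 literals bracketed; strip the brackets before the address check
  const host = url.hostname.replace(/\[|\]/g, '')
  if (isIP(host) === 0) {
    console.error(`Not an IP address: ${line}`)
    continue
  }
  const suricataIp = url.hostname.replace(/\[|\]/g, '"')
  const splunkIp = host
  // … unchanged: suricata.write / splunk.write / sid++ …
}
```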
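Review bot: `node "../src/ids.js"` runs with its exit status unchecked, so a failure inside the generator (missing ip.txt, a write error, an unset CURRENT_TIME) leaves the two output files partially written while the script carries on past `set -x`; the removed loop had the same weakness, but the whole generation step is now a single command, so checking it is cheap. Unless `set -e` is in effect earlier in the file (not visible in this hunk), guard it with `node "../src/ids.js" || { echo "ids.js failed" >&2; exit 1; }`. Note also that ids.js opens `ip.txt` relative to the current working directory while the script reaches the generator via `../src/ids.js`, which only works from the directory the old `done < "ip.txt"` redirect already assumed; a one-line comment above the node call recording that assumption would spare the next reader a surprise.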