infnetdanpro/ufw_log_analyzer.py

## ufw_log_analyzer.py
from collections import defaultdict
import re

log_entry_pattern = re.compile(r"\bSRC=([\d.]+)\b")


def parse_log(log_file):
    src_ip_counts = defaultdict(int)

    with open(log_file, "r") as f:
        for line in f:
            match = re.search(log_entry_pattern, line)
            if match:
                src_ip = match.group(1)
                src_ip_counts[src_ip] += 1

    return src_ip_counts


def main():
    log_file = input(
        "введите адрес лог файла: "
    )  # Замените 'your_log_file.log' на путь к вашему журналу
    src_ip_counts = parse_log(log_file)

    print("Статистика SRC IP адресов:")
    rows = []
    for src_ip, count in src_ip_counts.items():
        rows.append({"ip": src_ip, "count": count})

    rows = sorted(rows, key=lambda x: x["count"], reverse=True)
    for r in rows:
        print(r["ip"], r["count"])


if __name__ == "__main__":
    main()
	from collections import defaultdict
	import re

	log_entry_pattern = re.compile(r"\bSRC=([\d.]+)\b")


	def parse_log(log_file):
	src_ip_counts = defaultdict(int)

	with open(log_file, "r") as f:
	for line in f:
	match = re.search(log_entry_pattern, line)
	if match:
	src_ip = match.group(1)
	src_ip_counts[src_ip] += 1

	return src_ip_counts


	def main():
	log_file = input(
	"введите адрес лог файла: "
	) # Замените 'your_log_file.log' на путь к вашему журналу
	src_ip_counts = parse_log(log_file)

	print("Статистика SRC IP адресов:")
	rows = []
	for src_ip, count in src_ip_counts.items():
	rows.append({"ip": src_ip, "count": count})

	rows = sorted(rows, key=lambda x: x["count"], reverse=True)
	for r in rows:
	print(r["ip"], r["count"])


	if __name__ == "__main__":
	main()