Skip to content

Instantly share code, notes, and snippets.

Last active October 29, 2015 21:17
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
Small script to parse nginx access log file, and find out from what organisation (AS) was visiting your website
#!/usr/bin/env ruby
require 'teamcymru'
require 'ipaddr'
c =
ips =
ARGF.each do |line|
ip =[0])
# rewrite ::ffff:v4inv6-notation to native v4
ips << ip.native.to_s
# group and count IPs
grouped_ips = ips.inject( { |h, ip| h[ip] += 1; h}
grouped_ips.sort_by{|k,v| v}.reverse.each do |ip, num|
as_info = c.lookup(ip)
printf "%5.d%55.50s %s\n", num,, ip
puts "-"*80
printf "%5.d\n", ips.length
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment