simple script for parsing syslog logs from my EdgeRouter firewall and enriching them with extra information such as GeoIP or whois data
import ipaddress
import json
import os
import sys
from collections import Counter

import requests
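__log_path = "logile path"
__parsed_log_path = "new parsed logfile"
__parsed_log_path_only_ip = " "
# The API key is a credential: read it from the environment so a committed copy
# of this script does not carry a live key. The literal is only the placeholder
# fallback the original script shipped with.
__apiKey = os.environ.get("DB_IP_API_KEY", "enter api key for dn-ip here ")
# Request path is <apiKey>/<ipAddress>.
# NOTE(review): the key travels in the URL path over plain HTTP; switch to an
# https endpoint if the provider offers one.
__api_Url = "http://api.db-ip.com/v2/"
# Addresses on the local network that should not be counted or looked up.
LOCAL_IPS = frozenset({"192.168.2.1", "192.168.2.146"})
# Upper bound (seconds) on how long a single GeoIP lookup may block; without
# it a stalled API call hangs the whole run.
REQUEST_TIMEOUT = 10


def extract_src_ip(line: str):
    """Return the address after ``SRC=`` in a firewall log line, or ``None``.

    Everything from ``SRC=`` up to ``DST`` is taken, whitespace is dropped,
    and the token is accepted only if it parses as an IPv4/IPv6 address, so a
    malformed or hostile log line cannot inject arbitrary text into the API
    request path built from it.
    """
    _, marker, rest = line.partition("SRC=")
    if not marker:
        return None
    token = rest.partition("DST")[0].replace(" ", "")
    try:
        ipaddress.ip_address(token)
    except ValueError:
        return None
    return token


def count_source_ips(lines, exclude=LOCAL_IPS) -> Counter:
    """Count how often each non-excluded source address occurs in *lines*.

    Args:
        lines: iterable of log lines (an open file works).
        exclude: addresses to ignore, e.g. the router's own interfaces.

    Returns:
        ``Counter`` mapping address -> number of matching lines.
    """
    counts = Counter()
    for line in lines:
        ip = extract_src_ip(line)
        if ip is not None and ip not in exclude:
            counts[ip] += 1
    return counts


def lookup_ip(ip: str) -> dict:
    """Fetch GeoIP information for *ip* from the db-ip API.

    Raises:
        requests.RequestException: network error, timeout or HTTP error status.
        ValueError: the response body is not JSON.
    """
    response = requests.get(__api_Url + __apiKey + "/" + ip, timeout=REQUEST_TIMEOUT)
    response.raise_for_status()
    return response.json()


def main() -> None:
    """Parse the firewall log and write the two report files."""
    # errors="replace" keeps a single undecodable byte from aborting the run.
    with open(__log_path, encoding="utf-8", errors="replace") as log:
        counts = count_source_ips(log)

    # First report: every occurrence, one address per line, sorted
    # (``elements()`` repeats an address as often as it was seen).
    with open(__parsed_log_path_only_ip, "w", encoding="utf-8") as out:
        out.writelines(f"{ip}\n" for ip in sorted(counts.elements()))

    # Second report: one GeoIP record per distinct address plus its count.
    with open(__parsed_log_path, "w", encoding="utf-8") as out:
        for ip, count in sorted(counts.items()):
            try:
                info = json.dumps(lookup_ip(ip), ensure_ascii=False)
            except (requests.RequestException, ValueError) as exc:
                # Keep going: one failed lookup should not lose the rest of the
                # report. Only the exception type is recorded because the
                # exception text may echo the request URL, which embeds the key.
                info = f"lookup failed: {type(exc).__name__}"
            out.write(f"{info} count: {count}\n")


if __name__ == "__main__":
    main()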