Last active
June 4, 2024 09:55
-
-
Save POMXARK/9f3525d9aef89e990ff734e7dad2d47d to your computer and use it in GitHub Desktop.
parse_access_apache_log_txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
127.0.0.1 - - [01/Apr/2022:18:19:15 +1000] "\x16\x03\x01\x02" 400 326 "-" "-" | |
127.0.0.1 - - [01/Apr/2022:18:19:15 +1000] "\x16\x03\x01\x02" 400 326 "-" "-" | |
127.0.0.1 - - [01/Apr/2022:18:20:15 +1000] "\x16\x03\x01\x02" 400 326 "-" "-" | |
127.0.0.1 - - [01/Apr/2022:18:20:15 +1000] "\x16\x03\x01\x02" 400 326 "-" "-" | |
::1 - - [01/Apr/2022:18:22:10 +1000] "GET /phpmyadmin/ HTTP/1.1" 200 18361 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36 Edg/99.0.1150.55" | |
::1 - - [01/Apr/2022:18:22:13 +1000] "GET /phpmyadmin/themes/pmahomme/css/theme.css?v=5.1.1&nocache=2250110580ltr&server=1 HTTP/1.1" 200 214799 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36 Edg/99.0.1150.55" | |
::1 - - [01/Apr/2022:18:22:14 +1000] "GET /phpmyadmin/js/messages.php?l=ru&v=5.1.1 HTTP/1.1" 200 12908 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36 Edg/99.0.1150.55" | |
::1 - - [01/Apr/2022:18:22:15 +1000] "POST /phpmyadmin/index.php?route=/navigation&ajax_request=1 HTTP/1.1" 200 2898 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36 Edg/99.0.1150.55" | |
::1 - - [01/Apr/2022:18:22:15 +1000] "POST /phpmyadmin/index.php?route=/config/get HTTP/1.1" 200 1855 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36 Edg/99.0.1150.55" | |
::1 - - [01/Apr/2022:18:22:15 +1000] "POST /phpmyadmin/index.php?route=/config/get HTTP/1.1" 200 1764 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36 Edg/99.0.1150.55" | |
::1 - - [01/Apr/2022:18:22:15 +1000] "POST /phpmyadmin/index.php?route=/version-check HTTP/1.1" 200 64 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36 Edg/99.0.1150.55" | |
::1 - - [01/Apr/2022:18:22:15 +1000] "POST /phpmyadmin/index.php?route=/database/structure/favorite-table&ajax_request=1&favorite_table=1&sync_favorite_tables=1 HTTP/1.1" 200 192 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36 Edg/99.0.1150.55" | |
::1 - - [01/Apr/2022:18:22:16 +1000] "POST /phpmyadmin/index.php?route=/config/set HTTP/1.1" 200 1756 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36 Edg/99.0.1150.55" | |
127.0.0.1 - - [01/Apr/2022:18:25:15 +1000] "\x16\x03\x01\x02" 400 326 "-" "-" | |
127.0.0.1 - - [01/Apr/2022:18:25:15 +1000] "\x16\x03\x01\x02" 400 326 "-" "-" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import json | |
from datetime import datetime | |
import re | |
from file_read_backwards import FileReadBackwards | |
from threading import Thread | |
from rapidfuzz import fuzz | |
class ParserAccessLog(Thread): | |
def __init__(self, path_file): | |
super().__init__() | |
self.path_file = path_file | |
self.new_lines = [] | |
self.parse_logs = [] | |
self.lines = [] | |
def _read_file(self): | |
self.parse_logs = [] | |
try: | |
with FileReadBackwards(self.path_file, encoding="utf-8") as frb: | |
self.new_lines = [] | |
for idx, l in enumerate(frb): | |
if len(self.lines) == 0: | |
self.new_lines.append(l) | |
else: | |
try: | |
if fuzz.ratio(l, self.lines[0]) == 100: | |
break | |
else: | |
self.new_lines.append(l) | |
except IndexError: | |
break | |
if len(self.new_lines) == 0: | |
return | |
else: | |
return self._parse_file() | |
except PermissionError or IndexError: | |
return | |
def _parse_file(self): | |
for el in self.new_lines: | |
ip = re.findall(r"^\d+[.]\d+[.]\d+", el) | |
if len(ip) == 0: | |
ip = re.findall(r"^\d+[:]\d+[:]\d+", el) | |
if len(ip) == 0: | |
ip = re.findall(r"::\d+", el) | |
date = str(datetime.strptime(re.findall(r"\d+[/]\D+[/]\d+[:]\d+[:]\d+[:]\d+", el)[-1], '%d/%b/%Y:%H:%M:%S')) | |
data = re.split(r"] ", el)[-1] | |
if len(ip) == 1: | |
data = data.replace('\"', '') | |
self.parse_logs.append({"ip": ip[-1], "date": date, "data": data}) | |
for idx, el in enumerate(self.new_lines): | |
self.lines.insert(idx, el) | |
return json.dumps({"data": self.parse_logs}) | |
def _update_json(self): | |
while True: | |
json = self._read_file() | |
if json is not None: | |
print(json) | |
def run(self): | |
self._update_json() | |
if __name__ == '__main__': | |
thread1 = ParserAccessLog(r"access.log") | |
thread1.start() | |
print('основной поток') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment