Medium - Log analysis
#!/usr/bin/env python3 | |
import re | |
from collections import Counter | |
def log_reader(file):
    """Return the set of leading addresses from lines that mention WPScan.

    Every line of *file* is tested for a dotted-quad at the very start of
    the line (``re.match`` only matches there). If that same line also
    contains the text ``WPScan`` anywhere, the matched address is kept.

    Notes for the analyst reading the result:
    - The marker is a plain substring test over the whole line, so it does
      not distinguish which field the text appeared in.
    - Presumably the marker comes from the User-Agent field, which is
      client-supplied; a scan that does not announce itself is not found
      by this function.
    - The pattern accepts any 1-3 digit groups and does not range-check
      octets.
    """
    address_at_start = re.compile(r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}')
    with open(file) as handle:
        # Pair each line with its match so both tests can be applied together.
        candidates = ((address_at_start.match(entry), entry) for entry in handle)
        return {hit.group(0) for hit, entry in candidates if hit and 'WPScan' in entry}
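def clean_log(ips, file):
    """Append every line of *file* that mentions one of *ips* to new_log_file.log.

    Despite the name, nothing is removed from *file*: the lines that
    reference the given addresses are copied out, in order, so they can be
    reviewed on their own.

    Args:
        ips: Collection of address strings to look for.
        file: Path of the log to read.

    The output path is fixed and relative to the current directory, and it
    is opened in append mode, so repeated runs accumulate lines. The file
    is only created once a first matching line is found.
    """
    alternatives = [re.escape(ip) for ip in ips]
    if not alternatives:
        return

    # A bare substring test would also select 192.0.2.11 or 192.0.2.100 when
    # looking for 192.0.2.1; the digit guards stop an address from matching
    # inside a longer one. The address may still appear anywhere in the line.
    wanted = re.compile(r'(?<!\d)(?:' + '|'.join(alternatives) + r')(?!\d)')

    out = None
    try:
        with open(file, 'r') as log_file:
            for line in log_file:
                if wanted.search(line):
                    # Open the output once, on first use, rather than per line.
                    if out is None:
                        out = open('new_log_file.log', 'a')
                    out.write(line)
    finally:
        if out is not None:
            out.close()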
if __name__ == '__main__':
    # Two passes over the same log: first collect the addresses whose lines
    # mention WPScan, then copy every line that references them.
    source_log = 'case1.log'
    clean_log(log_reader(source_log), source_log)
#!/usr/bin/env python3 | |
import re | |
from collections import Counter | |
def log_reader(file):
    """Print the set of leading addresses from lines that mention WPScan.

    A line contributes its address only when a dotted-quad sits at the very
    start of the line and the text ``WPScan`` occurs somewhere in it. The
    set is printed, not returned, so the function's return value is None.

    Presumably the marker comes from the User-Agent field, which the client
    chooses; treat the output as "scans that identified themselves".
    """
    pattern = r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'
    flagged = set()
    with open(file) as handle:
        for entry in handle:
            hit = re.match(pattern, entry)
            # Skip lines without a leading address or without the marker.
            if hit is None or 'WPScan' not in entry:
                continue
            flagged.add(hit.group(0))
    print(flagged)
if __name__ == '__main__':
    source_log = 'case1.log'
    # This variant of log_reader prints its findings; the name bound here
    # receives whatever the call returns.
    flagged = log_reader(source_log)
#!/usr/bin/env python3 | |
import re | |
from collections import Counter | |
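def log_reader(file):
    """Print how many lines each leading address produced, busiest first.

    The log is read line by line and only a dotted-quad at the very start
    of a line is counted. Searching the whole text for the pattern would
    also count four-part numbers that are not addresses, such as a version
    string like ``Chrome/120.0.0.0`` inside a request line, and those would
    show up in the ranking as if they were clients.

    Args:
        file: Path of the log to read.

    The pattern accepts any 1-3 digit groups and does not range-check
    octets. Output goes to stdout; nothing is returned.
    """
    leading_address = re.compile(r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}')
    ipcount = Counter()
    # Stream the file instead of loading it whole; logs can be large.
    with open(file) as log:
        for req in log:
            match = leading_address.match(req)
            if match:
                ipcount[match.group(0)] += 1
    for k, v in ipcount.most_common():
        print(f"IP => {k} რაოდენობა => {v}")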
if __name__ == '__main__':
    # Path of the log to summarise, relative to the current directory.
    source_log = "case1.log"
    log_reader(source_log)
#!/usr/bin/env python3 | |
import re | |
from collections import Counter | |
def log_reader(file):
    """Print per-address counts of lines that mention WPScan, busiest first.

    A line is counted when a dotted-quad sits at the very start of it and
    the text ``WPScan`` occurs somewhere in the line. Output goes to stdout;
    nothing is returned.

    Presumably the marker comes from the User-Agent field, which the client
    chooses, so the counts cover only requests that identified themselves.
    """
    pattern = r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'
    tally = Counter()
    with open(file) as handle:
        for entry in handle:
            hit = re.match(pattern, entry)
            if hit and 'WPScan' in entry:
                tally[hit.group(0)] += 1
    # most_common() orders by count; equal counts keep first-seen order.
    for address, hits in tally.most_common():
        print(f"IP => {str(address)} რაოდენობა => {str(hits)}")
if __name__ == '__main__':
    # Path of the log to summarise, relative to the current directory.
    source_log = "case1.log"
    log_reader(source_log)