Skip to content

Instantly share code, notes, and snippets.

@ls4cfk

ls4cfk/clean Secret

Last active Aug 10, 2019
Embed
What would you like to do?
Medium - Log analysis
#!/usr/bin/env python3
import re
from collections import Counter
def log_reader(file):
ipv4 = r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'
iplist = []
with open(file) as log:
for req in log:
match = re.match(ipv4, req)
if match:
if 'WPScan' in req:
iplist.append(match.group(0))
return set(iplist)
def clean_log(ips, file):
with open(file, 'r') as log_file:
for line in log_file:
if any(ip in line for ip in ips):
with open('new_log_file.log', 'a') as new_log_file:
new_log_file.write(line)
if __name__ == '__main__':
log_file = 'case1.log'
attacker_ip = log_reader(log_file)
clean_log(attacker_ip, log_file)
#!/usr/bin/env python3
import re
from collections import Counter
def log_reader(file):
ipv4 = r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'
iplist = []
with open(file) as log:
for req in log:
match = re.match(ipv4, req)
if match:
if 'WPScan' in req:
iplist.append(match.group(0))
print(set(iplist))
if __name__ == '__main__':
log_file = 'case1.log'
attacker_ip = log_reader(log_file)
#!/usr/bin/env python3
import re
from collections import Counter
def log_reader(file):
ipv4 = r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'
with open(file) as file:
log = file.read()
iplist = re.findall(ipv4, log)
ipcount = Counter(iplist)
for k, v in ipcount.most_common():
print(f"IP => {str(k)} რაოდენობა => {str(v)}")
if __name__ == '__main__':
log_reader("case1.log")
#!/usr/bin/env python3
import re
from collections import Counter
def log_reader(file):
ipv4 = r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'
iplist = []
with open(file) as log:
for req in log:
match = re.match(ipv4, req)
if match:
if 'WPScan' in req:
iplist.append(match.group(0))
ipcount = Counter(iplist)
for k, v in ipcount.most_common():
print(f"IP => {str(k)} რაოდენობა => {str(v)}")
if __name__ == '__main__':
log_reader("case1.log")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment