Checks a bunch of logs for certain criteria
| import strutils | |
| import std/[asyncfile, asyncdispatch, asyncfutures, os] | |
| import times | |
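# One timestamp for the whole run, so that every output file carries the
# same suffix. Calling now() once per file can straddle a second boundary
# and leave a single run's results under two different suffixes.
# The suffix has one-second resolution and the files are opened with
# fmWrite, so a second run started within the same second overwrites them.
let runStamp = $now().toTime().toUnix()

proc openBucket(label: string): AsyncFile =
  ## Opens "<label>_<runStamp>.txt" for writing, relative to the current
  ## working directory.
  openAsync(label & "_" & runStamp & ".txt", fmWrite)

# One output file per keyword bucket; parseLog() appends
# "<line>\t<source path>\n" records to them.
let post = openBucket("post")
let error = openBucket("error")
let fail = openBucket("fail")
let auth = openBucket("auth")
let succ = openBucket("succ")
let users = openBucket("users")
let conn = openBucket("connections")
let login = openBucket("login")
let nobody = openBucket("nobody")
let admin = openBucket("admin")
let query = openBucket("query")
let select = openBucket("select")
# var bad_ip = openAsync("badip_" & $now().toTime().toUnix() & ".txt", fmWrite)
# var domain = openAsync("domain_" & $now().toTime().toUnix() & ".txt", fmWrite)
let sqli = openBucket("sqli")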
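proc parseLog() {.async.} =
  ## Walks /mnt/d/logs/ recursively and sorts the lines of every file whose
  ## path contains ".log" into the module-level keyword output files.
  ##
  ## A line goes to the first bucket, in the order listed below, that has a
  ## keyword occurring anywhere in the line. Matching is a case-sensitive
  ## substring test. Each hit is echoed and appended to the bucket file as
  ## "<line>\t<source path>\n".
  ##
  ## Fixes over the previous version: `case line of "POST"` compared the
  ## whole line for equality, so real log lines never matched; the
  ## readAll() future was not awaited; and every input handle was leaked.

  # Order matters because the first hit wins. For example, a line containing
  # "connection success" is filed under `succ`, since "success" is checked
  # before the connection keywords.
  # NOTE(review): the `sqli` keywords are plain substrings, so ordinary
  # words such as "reset" or "elsewhere" also match. Treat that file as a
  # coarse triage list, not as evidence of injection attempts.
  let buckets = [
    (@["POST"], post),
    (@["ERROR", "error"], error),
    (@["failed"], fail),
    (@["auth"], auth),
    (@["success"], succ),
    (@["user"], users),
    (@["connection success", "connection fail", "connect"], conn),
    (@["login"], login),
    (@["nobody"], nobody),
    (@["admin"], admin),
    (@["query", "QUERY"], query),
    (@["select", "SELECT"], select),
    (@["update", "where", "set", "insert"], sqli)
  ]

  for file in walkDirRec("/mnt/d/logs/"):
    # Substring test kept from the original; it also accepts rotated names
    # such as "app.log.1" and any path with ".log" in a directory name.
    if ".log" notin file:
      continue

    var data: string
    let f = openAsync(file, fmRead)
    try:
      data = await f.readAll()
    finally:
      # Release the input handle even if the read fails. A large log tree
      # would otherwise exhaust the process's file descriptors.
      f.close()

    # splitLines works on the content. `lines` on a string would treat the
    # string as a file name.
    for line in data.splitLines():
      var target: AsyncFile = nil
      for bucket in buckets:
        for keyword in bucket[0]:
          if keyword in line:
            target = bucket[1]
            break
        if not target.isNil:
          break

      if not target.isNil:
        # NOTE(review): log lines are written out verbatim. If the logs can
        # hold attacker-influenced text, control characters reach the
        # terminal through echo, and embedded tabs shift the columns of the
        # tab-separated record. Confirm whether escaping is wanted here.
        echo line
        await target.write(line & "\t" & file & "\n")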
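when isMainModule:
  # Run the scan, then release every output handle. The closes sit in a
  # `finally` so they also run when parseLog() raises, for example on an
  # unreadable log file.
  try:
    waitFor parseLog()
  finally:
    post.close()  # was missing from the original close list
    error.close()
    fail.close()
    auth.close()
    succ.close()
    users.close()
    conn.close()
    login.close()
    nobody.close()
    admin.close()
    query.close()
    select.close()
    # badip.close()
    # domain.close()
    sqli.close()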