Powershell script for parsing netgate router logs

netgate-log-parser.ps1

$reader = [System.IO.File]::OpenText("path/to/log")

$ConnectedIPs = New-Object System.Collections.ArrayList
$RejectedConnections = New-Object System.Collections.ArrayList
$RSTScans = New-Object System.Collections.ArrayList
$ACKScans = New-Object System.Collections.ArrayList
while($null -ne ($line = $reader.ReadLine())) {
    if ($line.StartsWith('[Internet connected]')) {
        $cip = $ConnectedIPs.Add($line.Split('IP address: ').Split(',')[1])
    }

    if ($line.StartsWith('[WLAN access rejected: incorrect security]')) {
        $rc = $RejectedConnections.Add($line.Split('from MAC address ').Split(',')[1])
    }

    if($line.StartsWith("[DoS Attack: RST Scan]")) {
        $rsc = $RSTScans.Add($line.Split("from source: ").Split(',')[1]) 
    } 

    if($line.StartsWith("[DoS Attack: ACK Scan]")) {
        $asc = $ACKScans.Add($line.Split("from source: ").Split(',')[1]) 
    } 
}

Write-Host "IPs that have connected: "
$ConnectedIPs | Sort-Object | Get-Unique

Write-Host "Mac addresses of failed logins "
$RejectedConnections | Sort-Object | Get-Unique

Write-Host "RST Scans from "
$RSTScans | Sort-Object | Get-Unique

Write-Host "ACK Scans from "
$RSTScans | Sort-Object | Get-Unique