嘿,我試圖找到許多攻擊每天ip每天登錄。我正在從系統日誌文件中讀取數據。python查找每天ip每天的攻擊次數
此行兩行是從
報價閱讀...
Jan 10 09:32:09 j4-be03 sshd[3876]: Failed password for root from 218.241.173.35 port 47084 ssh2
Jan 10 09:32:19 j4-be03 sshd[3879]: Failed password for root from 218.241.173.35 port 47901 ssh2
Feb 7 17:19:16 j4-be03 sshd[10736]: Failed password for root from 89.249.209.92 port 46139 ssh2
這是我的代碼:
desc_date = {}
count_date = 0
desc_ip = {}
count_ip = 0
for line in myfile:
if 'Failed password for' in line:
line_of_list = line.split()
#working together
date_port = ' '.join(line_of_list[0:2])
date_list = date_port.split(':')
date = date_list[0]
if desc_date.has_key(date):
count_date = desc_date[date]
count_date = count_date +1
desc_date[date] = count_date
#zero out the temporary counter as a precaution
count_date =0
else:
desc_date[date] = 1
ip_port = line_of_list[-4]
ip_list = ip_port.split(':')
ip_address = ip_list[0]
if desc_ip.has_key(ip_address):
count_ip = desc_ip[ip_address]
count_ip = count_ip +1
desc_ip[ip_address] = count_ip
#zero out the temporary counter as a precaution
count_ip =0
else:
desc_ip[ip_address] = 1
resulting = dict(desc_date.items() + desc_ip.items())
for result in resulting:
print result,' has', resulting[result] , ' attacks'
目前
給我這些結果是錯誤的:
報價...
Feb 8 has 33 attacks
218.241.173.35 has 15 attacks
72.153.93.203 has 14 attacks
213.251.192.26 has 13 attacks
66.30.90.148 has 14 attacks
Feb 7 has 15 attacks
92.152.92.123 has 5 attacks
Jan 10 has 28 attacks
89.249.209.92 has 15 attacks
它的IP地址是錯誤的,不知道從哪裏代碼腳麻希望有人能幫助
你爲什麼認爲IP地址錯了? – 2012-03-11 23:13:56
如果你編輯你的文章以確保代碼被正確縮進,它會幫助我們。 – BobS 2012-03-11 23:18:09
因爲例如JAN 10 - 有28次攻擊,所以我需要每個IP地址每天匹配28次攻擊 – 2012-03-11 23:18:55