
Simple script for web server log analysis

高洛峰
Release: 2016-10-18 11:56:45

Due to various reasons, a task of analyzing intrusion logs fell on me. How can I quickly analyze a 1G log? Mr. Ci said that he could create a script to parse and store it in the database, and then analyze it in the database... Forget it, that’s a pain in the ass, just write a script to analyze the problematic logs. So there was this little script. As for how to use it, it’s up to you, haha. For example, if you find the SQL injection statement and then see the IP, you can change the script, use the IP as a feature to extract the log, and analyze the intrusion process. It's very fast. It only takes a few seconds for my broken machine to run a 1G log file.

Writing programs to complete tasks at work is very enjoyable and interesting. Haha

Usage: seay.py E:/1.log

# coding: utf8
# Filename: seay.py
import os
import sys

# Features to search for; change them as you like (2.50 yuan per change)
_tezheng = {'union', 'select', 'file_put_contents'}


def CheckFile(_path):
    # errors='replace' keeps the read from aborting on non-UTF-8 bytes in the log
    with open(_path, 'r', encoding='utf-8', errors='replace') as _f:
        _All_Line = _f.readlines()

    _Ex_Str = ''

    print('Read Over --')

    for _Str in _All_Line:
        for _tz_Str in _tezheng:
            # The match is a case-sensitive substring test on the raw log line
            if _tz_Str in _Str:  # 'and' conditions can be added here (a bit pricier, 0.50 yuan each)
                _Ex_Str += _tz_Str + _Str + '\r\n'

    # The result is written next to the input file as <input>.seay.txt
    with open(_path + '.seay.txt', 'w', encoding='utf-8', errors='replace') as _f1:
        _f1.write(_Ex_Str)
    print('Find Over--')


if len(sys.argv) == 2:
    _File = sys.argv[1]
    if os.path.lexists(_File):
        CheckFile(_File)
    else:
        print('File does not exist!')
else:
    print('Parameter error')
    print(sys.argv[0] + ' FilePath')

The output file is written to the same directory as the input, named <original file name>.seay.txt. Each entry is the matched feature followed by the log line it was found in.
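The follow-up step described above (take the IP from a matching line, then pull every request from that IP to follow the intrusion), as an added example that is not part of the original script. It assumes the client IP is the first space-separated field of each line (common/combined log format), runs on constructed sample lines, and goes slightly beyond seay.py by URL-decoding and lowercasing each line so that `UNION%20SELECT` is not missed by the plain substring test.

```python
import io
from urllib.parse import unquote_plus

SIGNATURES = ("union", "select", "file_put_contents")  # same features as seay.py

# Constructed sample lines; the addresses are documentation ranges, not real hosts.
SAMPLE_LOG = """\
203.0.113.7 - - [18/Oct/2016:10:01:02 +0800] "GET /index.php HTTP/1.1" 200 512
198.51.100.4 - - [18/Oct/2016:10:01:05 +0800] "GET /news.php?id=3 HTTP/1.1" 200 900
203.0.113.7 - - [18/Oct/2016:10:02:10 +0800] "GET /news.php?id=3%20UNION%20SELECT%201,2 HTTP/1.1" 200 950
203.0.113.7 - - [18/Oct/2016:10:03:44 +0800] "POST /upload.php HTTP/1.1" 200 64
198.51.100.4 - - [18/Oct/2016:10:04:00 +0800] "GET /about.php HTTP/1.1" 200 700
"""


def normalize(line):
    """URL-decode twice (catches double encoding) and lowercase before matching."""
    return unquote_plus(unquote_plus(line)).lower()


def flag_ips(lines):
    """Pass 1: map each client IP to the set of signatures seen in its requests."""
    hits = {}
    for line in lines:
        text = normalize(line)
        matched = {sig for sig in SIGNATURES if sig in text}
        if matched:
            hits.setdefault(line.split(" ", 1)[0], set()).update(matched)
    return hits


def timeline(lines, ips):
    """Pass 2: every request from a flagged IP, in log order, matched or not."""
    return [line.rstrip("\r\n") for line in lines if line.split(" ", 1)[0] in ips]


def analyze(open_log):
    """open_log returns a fresh line iterator, so a large file is streamed twice."""
    hits = flag_ips(open_log())
    return hits, timeline(open_log(), hits)


if __name__ == "__main__":
    hits, rows = analyze(lambda: io.StringIO(SAMPLE_LOG))
    for ip, sigs in hits.items():
        print(ip, sorted(sigs))
    print("\n".join(rows))
```

For a real log, pass something like `lambda: open(path, errors="replace")` to `analyze`; the second pass also returns the flagged client's requests that matched no signature, such as the `POST /upload.php` in the sample.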

source:php.cn