嘿,我试图找到许多攻击每天ip每天登录。我正在从系统日志文件中读取数据。python查找每天ip每天的攻击次数
此行两行是从
报价阅读...
Jan 10 09:32:09 j4-be03 sshd[3876]: Failed password for root from 218.241.173.35 port 47084 ssh2
Jan 10 09:32:19 j4-be03 sshd[3879]: Failed password for root from 218.241.173.35 port 47901 ssh2
Feb 7 17:19:16 j4-be03 sshd[10736]: Failed password for root from 89.249.209.92 port 46139 ssh2
这是我的代码:
desc_date = {}
count_date = 0
desc_ip = {}
count_ip = 0
for line in myfile:
if 'Failed password for' in line:
line_of_list = line.split()
#working together
date_port = ' '.join(line_of_list[0:2])
date_list = date_port.split(':')
date = date_list[0]
if desc_date.has_key(date):
count_date = desc_date[date]
count_date = count_date +1
desc_date[date] = count_date
#zero out the temporary counter as a precaution
count_date =0
else:
desc_date[date] = 1
ip_port = line_of_list[-4]
ip_list = ip_port.split(':')
ip_address = ip_list[0]
if desc_ip.has_key(ip_address):
count_ip = desc_ip[ip_address]
count_ip = count_ip +1
desc_ip[ip_address] = count_ip
#zero out the temporary counter as a precaution
count_ip =0
else:
desc_ip[ip_address] = 1
resulting = dict(desc_date.items() + desc_ip.items())
for result in resulting:
print result,' has', resulting[result] , ' attacks'
目前
给我这些结果是错误的:
报价...
Feb 8 has 33 attacks
218.241.173.35 has 15 attacks
72.153.93.203 has 14 attacks
213.251.192.26 has 13 attacks
66.30.90.148 has 14 attacks
Feb 7 has 15 attacks
92.152.92.123 has 5 attacks
Jan 10 has 28 attacks
89.249.209.92 has 15 attacks
它的IP地址是错误的,不知道从哪里代码脚麻希望有人能帮助
你为什么认为IP地址错了? – 2012-03-11 23:13:56
如果你编辑你的文章以确保代码被正确缩进,它会帮助我们。 – BobS 2012-03-11 23:18:09
因为例如JAN 10 - 有28次攻击,所以我需要每个IP地址每天匹配28次攻击 – 2012-03-11 23:18:55