Extraction d’adresses ip de fichiers log
On utilise ici les expressions régulières pour extraire l’adresse ip contenue dans une ligne du fichier log. On emploie enfin le module de géolocalisation d’adresse ip. Le module clize permet de gérer aisément les arguments passés au programme.
grabip.py:
# -*- coding: utf-8 -*-
"""
Created on Thu Oct 18 16:22:44 2012
@author: julien[at]hautefeuille.eu
#sudo apt-get install python-geoip
#sudo pip install clize
Usage: grabip.py [OPTIONS] filein fileout
"""
import re
import GeoIP
import clize
class ExtractIp(object):
'''
Extract IP from log file and write a report with GeoIP country
'''
def __init__(self, in_file, out_file):
self.in_file = in_file
self.out_file = out_file
self.ip_list = set()
self.geoip = GeoIP.new(GeoIP.GEOIP_MEMORY_CACHE)
def filter(self, src):
'''
Strip line and regex for ip
'''
for line in src:
ipp = re.search("([\d]+\.[\d]+\.[\d]+\.[\d]+)", line.rstrip('\n\r'))
if ipp:
self.ip_list.add(ipp.group())
def report(self, dest):
'''
Print result and write file report
'''
for elem in self.ip_list:
country = self.geoip.country_code_by_addr(elem)
print elem, country
if country:
dest.write(elem + ' ' +
self.geoip.country_code_by_addr(elem) + '\n')
else:
dest.write(elem + '\n')
def process(self):
'''
Main process
'''
source = open(self.in_file, 'r')
dest = open(self.out_file, 'w')
self.filter(source)
self.report(dest)
source.close()
dest.close()
@clize.clize()
def main(filein, fileout):
'''
Args management
'''
grab = ExtractIp(filein, fileout)
grab.process()
if __name__ == '__main__':
clize.run(main)