论坛 › Python › python脚本统计日志独立ip

rthtge 发表于 2014-12-30 08:20:59

python脚本统计日志独立ip

题目：
    有如下log文件，请打印出独立IP，并统计独立IP数，打印出访问最多的前5个ip及访问次数：
log文件www.log内容类似如下格式:

1
2
3
4
5
6
125.78.48.67 - - "GET /logo.jpg HTTP/1.1" 200 5183 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
101.226.166.226 - - "GET " 302 26 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.89 Safari/537.1; 360Spider"
101.226.166.226 - - "GET " "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.89 Safari/537.1; 360Spider"
125.78.48.67 - - "GET /topbanner.jpg HTTP/1.1" 200 51794 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
118.192.170.7 - - "GET HTTP/1.1" 200 34381 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36 SE 2.X MetaSr 1.0"
118.192.170.7 - - "GET HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36 SE 2.X MetaSr 1.0"





--- 刚学python，写的很烂，code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
#!/usr/bin/env python
import re

re1 = r'^\d+\.\d+\.\d+\.\d+'
reg = re.compile(re1)

fp = open('www.log')
f_content = fp.readlines()
fp.close()

a = []
for lines in f_content:
    ip = re.findall(reg,lines)
    a.append(ip)
b = list(set(a))

b1 = []
for i in range(len(b)):
    a1 = []
    a1.append(a.count(b))
    a1.append(b)
    b1.append(a1)
b1.sort(reverse=True)

k = 1
for j in b1:
    print j,j
    if k == 5:
      break
    k += 1





--- shell 只需一条命令：

1
awk '{print $1}' www.log |sort|uniq -c|sort -nr|head -n5





--- 改良了下python代码：

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#!/usr/bin/env python
#coding:utf-8
import re
import sys

def getIP():
    log = raw_input('请输入要查询的日志文件名，包括扩展名：')
    re1 = r'^\d+\.\d+\.\d+\.\d+'
    reg = re.compile(re1)
   
    fp = open(log)
    f_content = fp.readlines()
    fp.close()
   
    a = []
   
    for lines in f_content:
      ip = re.findall(reg,lines)
      a.append(ip)
   
    b = list(set(a))
   
    b1 = []
   
    for i in range(len(b)):
      a1 = []
      a1.append(a.count(b))
      a1.append(b)
      b1.append(a1)
   
    b1.sort(reverse=True)
    k = 1
    num = raw_input('请输入一个数字要查询前几个ip:')
    num = int(num)
    for j in b1:
      print j,j
      if k == num:
            break
      k += 1
if __name__ == '__main__':
    getIP()

查看完整版本: python脚本统计日志独立ip