如何查明某个 IP 地址已被记录多少次?
我认为是这样的
192.168.1.254
192.168.1.254
192.168.1.254
192.168.1.254
192.168.1.254
- 10.40.89.79
至此
- 192.168.1.254 (5)
- 10.40.89.79 (1)
syslog_2019-05-15.txt 看起来像这样
DROP IN=eth0 OUT= MAC=38:2c:4a:cb:e2:40:10:e8:78:aa:89:ba:08:00 SRC=92.53.90.242 DST=90.149.222.18 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=37773 PROTO=TCP SPT=59155 DPT=1027 SEQ=1687374236 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0
192.168.1.1 May 14 00:01:44 kern warning kernel DROP IN=eth0 OUT= MAC=38:2c:4a:cb:e2:40:10:e8:78:aa:89:ba:08:00 SRC=185.216.140.6 DST=90.149.222.18 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54321 PROTO=TCP SPT=5
代码:
var fs = require('fs');
fs.readFile('C:/Users/sondr/Desktop/koder/Ip_søk_syslog/syslog_2019-05-15.txt', 'utf8', function(err, data) {
if (err) throw err; {
//count
var count = 0;
//ReEX
const reg = /\bSRC=([\.0-9]+)\b/g;
while ((m = reg.exec(data))) {
console.log("SRC= " + m[1])
console.log(++count);
}
// DEBUG:
//console.log(data);
}
});
最佳答案
循环访问 IP 地址并将地址保存为对象的键,如果您迭代 tracker
对象中已存在的 IP,则可以获取它的值并将其增加 1
或默认为 1
(如果它不存在),因为这将是您第一次遇到该 IP。
const data = [
'192.168.1.254',
'192.168.1.254',
'192.168.1.254',
'192.168.1.254',
'192.168.1.254',
'10.40.89.79'
]
const tracker = {}
data.forEach(d => {
const count = d in tracker ? ++tracker[d] : 1
tracker[d] = count
})
Object.keys(tracker).forEach(k => console.log(`${k} (${tracker[k]})`))
我在网上找到了一个 IP 地址正则表达式,可以针对您的日志运行 match
,然后针对匹配项运行相同的功能。
const reg = /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/g
const str = `DROP IN=eth0 OUT= MAC=38:2c:4a:cb:e2:40:10:e8:78:aa:89:ba:08:00 SRC=92.53.90.242 DST=90.149.222.18 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=37773 PROTO=TCP SPT=59155 DPT=1027 SEQ=1687374236 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0
192.168.1.1 May 14 00:01:44 kern warning kernel DROP IN=eth0 OUT= MAC=38:2c:4a:cb:e2:40:10:e8:78:aa:89:ba:08:00 SRC=185.216.140.6 DST=90.149.222.18 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54321 PROTO=TCP SPT=5`
const data = str.match(reg) || []
const tracker = {}
data.forEach(d => {
const count = d in tracker ? ++tracker[d] : 1
tracker[d] = count
})
Object.keys(tracker).forEach(k => console.log(`${k} (${tracker[k]})`))
也许你可以在网上找到更好的正则表达式,如果可以的话请告诉我! :-) 更新 我看到@Kunal 的正则表达式看起来不错。
进一步详细说明这一点并构建一个函数,该函数接受正则表达式和字符串,并返回该字符串相对于正则表达式的出现次数。
const GET_OCCURRENCE = (r = /no args/g, str = 'no args') => {
const data = str.match(r) || []
const tracker = {}
let rtnStr = ''
data.forEach(d => {
const count = d in tracker ? ++tracker[d] : 1
tracker[d] = count
})
return [
Object.keys(tracker).reduce((rtn, k) => rtn+=` \n${k} (${tracker[k]})`, ''),
tracker
]
}
const [IPS, IPS_OBJ] = GET_OCCURRENCE(/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/g, `DROP IN=eth0 OUT= MAC=38:2c:4a:cb:e2:40:10:e8:78:aa:89:ba:08:00 SRC=92.53.90.242 DST=90.149.222.18 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=37773 PROTO=TCP SPT=59155 DPT=1027 SEQ=1687374236 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0
192.168.1.1 May 14 00:01:44 kern warning kernel DROP IN=eth0 OUT= MAC=38:2c:4a:cb:e2:40:10:e8:78:aa:89:ba:08:00 SRC=185.216.140.6 DST=90.149.222.18 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54321 PROTO=TCP SPT=5`)
console.log(IPS, IPS_OBJ)
const [LETTERS, LETTERS_OBJ] = GET_OCCURRENCE(/[azi]/g, 'bhfgdakdfjsihjkzzjkdldfaajjii')
console.log(LETTERS, LETTERS_OBJ)
关于javascript - 检查字符串是否匹配,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/56170904/