[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Perl puzzle - (multidimensionelt hash-array?)



Hej ssluggere!

Jeg har et problem med en logfil, som jeg gerne vil have analyseret - måske
er her nogle som kan hjælpe mig på vej?

Logfilen indeholder en masse linier a'la:
(something...) 10.1.2.3 -> 10.3.4.5 (something...)

...altså "ip-nummer 10.1.2.3 har lavet en connect til ip 10.3.4.5".

Jeg vil gerne lave et script, som kan analysere filen, og fortælle mig hvor
mange FORSKELLIGE ip-adresser et givent ip har haft fat i (for at opdage
portscans osv.)

Jeg åbner filen som <LOG> og fyrer følgende af:

while ( $line = <LOG> ) {
 if (($src, $dest) = ( $line =~ / (10\.\d{1,3}\.\d{1,3}\.\d{1,3}).* ->
(10\.\d{1,3}\.\d{1,3}\.\d{1,3})/ )) {
  $connects{$src}{$dest}+=1;
 }
}

Det burde, såvidt jeg kan se, tælle op hvor mange gange en given connect
(fra ét bestemt ip til ét bestemt andet) finder sted. Problemet er at fiske
dataene ud igen...

Jeg forsøger at lave to nestede loops, a'la:

foreach $src (keys (%connects) ) {
 foreach $dest (keys (%connects{$src}) ) {
  $visited{$src}++;
 }
}

...men det virker bare ikke. :-(

Hvordan kringler jeg den?!?

Mvh.
Kent B. Hansen




 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2005-08-10, 19:54 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *