LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Programming (https://www.linuxquestions.org/questions/programming-9/)
-   -   IP addresss aggregrator script perl/bash? (https://www.linuxquestions.org/questions/programming-9/ip-addresss-aggregrator-script-perl-bash-4175622616/)

blason 01-29-2018 05:52 AM
IP addresss aggregrator script perl/bash?
 
Hi There,

I am looking for any solution or a script may be in perl/bash or python which could aggregrate the IP addresses and provide me in file?

Well the idea here is I have deployed network based honeypot which is receiving numerous attacks and thus have different IP addresses. Now one IP addresses is hitting multiple ports and those are being logged into file. However is there way i could aggregrate those and move to other file every 5 mins or as soon as it hits my honeypot the IP address will be logged into other file which should be uniq?

Please let me know of may ideas?

////// 01-29-2018 06:00 AM
you should post examples, so ppl know how to parse the logs.

EDIT: forgot to say that i ran glastopf on my network. it were ok honeypot.

Habitual 01-29-2018 10:41 AM
fail2ban is python and quite good at this.

Please let us know.


All times are GMT -5. The time now is 08:04 AM.