ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I need something to make a script that will search some logs and extract IP hits from one country only. Let's say UK. I guess I need to use GeoIP or some database. I just need a very simple bash, perl, php script that will do this job. Just search threw logs (apache) and then give me number of hits found from UK.
I just need some guidance, or if you already have a already made script that will be wonderful.
It would really help if you gave us some details about your requirements, such as a representative example of the log text and the lines you need to extract. Once you have the strings you need to match, it would probably only take a simple grep command to extract them from the logs.
Fair enough that it may or may not be a simple grep, but without data the argument seems a little moot.
If we are to do it blind, I would suggest a while loop fed by awk, sed or grep to get IPs from log and then whatever program will tell you where an address is
from executed on each iteration of the loop.
Ok, so I had it backwards. You want to extract ip addresses, then use some tool to check where they are from. So you probably still want to use grep (or sed or awk) to extract the addresses, then use some other tool to determine the location.
But since I don't use apache and have never seen an apache log, I can't tell you how to do the first part; and I have no personal reason for wanting to know where ip addresses come from, so I also have no idea what tool would be suitable to use for the second part.
So again, give us some example text, and tell us how you would normally determine an ip address via the shell, and I'm sure it would be fairly easy to wrap it up into a script.
Or perhaps, as I was originally thinking, if you know what would be considered a UK address range (or ranges), then it might be possible to design a grep/sed/awk function to extract only those addresses directly from the log.
I have this script that you could possibly use: (I found it on the internet... name it as ipgeo and chmod it, or just use it within your script)
Code:
#!/bin/sh
URL="http://api.ipinfodb.com/v2/ip_query.php?key=30df9c9eaf73f8348950e325b50cfc583b8c14d6e110c0d59657236cc7c33192&ip="
WGET_OPTION="=-b -q --wait=3 --waitretry=2 --random-wait --limit-rate=9578 "
WGET_AGENT="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
ERROR=0
if [ "$1" = "" ]; then
ERROR=1
else
IP=$1
HTTP_LINK_XML="$URL""$IP""&output=xml&timezone="
HTTP_LINK_JSON="$URL""$IP""&output=json&timezone="
fi
if [ "$2" != "" ]; then
if [ "$2" != "json" ] && [ "$2" != "xml" ] ; then
ERROR=1
fi
TYPE="$2"
else
ERROR=1
fi
if [ "$3" != "" ]; then
if [ "$3" != "true" ] && [ "$3" != "false" ] ; then
ERROR=1
fi
TIMEZONE="$3"
else
ERROR=1
fi
if [ "$ERROR" != "0" ]; then
echo " "
echo " usage : $0 IP TYPE TIMEZONE"
echo " Where IP is the IP to check"
echo " TYPE is the output type (xml|json)"
echo " TIMEZONE is to show timezone data or not (false|true)"
echo " Big thanks to the team of IPInfoDB (http://ipinfodb.com)"
exit
fi
TST_wget=`wget > /dev/null 2>&1`
ErrorLevel=$?
if [ "$ErrorLevel" != 1 ] ; then
echo " ----"
echo " wget not found; please install it for proper operation."
echo " ----"
exit
fi
if [ "$TYPE" = "json" ]; then
JSON_Info=`wget -qO- --user-agent="$WGET_AGENT" $HTTP_LINK_JSON"$TIMEZONE" 2>&1`
echo "$JSON_Info"
else
XML_Info=`wget -qO- --user-agent="$WGET_AGENT" $HTTP_LINK_XML"$TIMEZONE" 2>&1`
echo "$XML_Info"
fi
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.