ezri/sysadmin-exercise
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Optimized by not reading the entire log file into memory

Browse Source
This commit is contained in:
Ezri Brimhall 2024-10-01 17:52:15 -06:00
parent 09b57cdf06
commit 683f5de32c
Signed by: ezri
GPG Key ID: 3DA1675C4E9B9216
1 changed files with 16 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
python-logs/parselogs.py
View File

@ -10,15 +10,16 @@ def main():
input_file = sys.argv[1] input_file = sys.argv[1]
with open(input_file, "r") as f:
# Read log file
lines = f.readlines()
# keep track of both the total number of authentication failures and the number of failures from each IP address # keep track of both the total number of authentication failures and the number of failures from each IP address
auth_failures = {} auth_failures = {}
total = 0 total = 0
for line in lines: with open(input_file, "r") as f:
# Read log file
for line in f:
# check for auth failure in line
# NOTE: This is a rudimentary check, and will not work for all log formats. This was chosen for the log file provided.
# as an example, it will not work when the failure arises from PAM, as those logs are formatted differently
if "authentication failure" in line: if "authentication failure" in line:
# add failure # add failure
total += 1 total += 1