Optimized by not reading the entire log file into memory

2024-10-01 17:52:15 -06:00
parent 09b57cdf06
commit 683f5de32c
1 changed files with 16 additions and 15 deletions
--- a/python-logs/parselogs.py
+++ b/python-logs/parselogs.py
@@ -10,15 +10,16 @@ def main():

    input_file = sys.argv[1]

-    with open(input_file, "r") as f:
-        # Read log file
-        lines = f.readlines()
-
    # keep track of both the total number of authentication failures and the number of failures from each IP address
    auth_failures = {}
    total = 0

-    for line in lines:
+    with open(input_file, "r") as f:
+        # Read log file
+        for line in f:
+            # check for auth failure in line
+            # NOTE: This is a rudimentary check, and will not work for all log formats. This was chosen for the log file provided.
+            # as an example, it will not work when the failure arises from PAM, as those logs are formatted differently
            if "authentication failure" in line:
                # add failure
                total += 1