{"id":23090225,"url":"https://github.com/samueljayasingh/log-analysis","last_synced_at":"2025-04-03T17:43:24.919Z","repository":{"id":266686720,"uuid":"899044168","full_name":"SamuelJayasingh/Log-Analysis","owner":"SamuelJayasingh","description":null,"archived":false,"fork":false,"pushed_at":"2024-12-05T14:48:26.000Z","size":3,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-09T06:18:20.057Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SamuelJayasingh.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-12-05T14:16:58.000Z","updated_at":"2024-12-05T14:48:37.000Z","dependencies_parsed_at":"2024-12-05T15:38:01.538Z","dependency_job_id":null,"html_url":"https://github.com/SamuelJayasingh/Log-Analysis","commit_stats":null,"previous_names":["samueljayasingh/log-analysis"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamuelJayasingh%2FLog-Analysis","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamuelJayasingh%2FLog-Analysis/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamuelJayasingh%2FLog-Analysis/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamuelJayasingh%2FLog-Analysis/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SamuelJayasingh","download_url":"https://codeload.github.com/SamuelJayasingh/Log-Analysis/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247051961,"owners_count":20875677,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-16T20:52:38.046Z","updated_at":"2025-04-03T17:43:24.898Z","avatar_url":"https://github.com/SamuelJayasingh.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# **Log Analysis Tool**\n\nA Python-based log analysis script designed to parse and analyze server log files. This tool provides insights such as the number of requests per IP, the most frequently accessed endpoints, and detection of suspicious activities like failed login attempts.\n\n---\n\n## **Features**\n\n1. **Count Requests per IP Address**\n   - Parses the log file to extract IP addresses and counts the number of requests made by each.\n   - Results are sorted in descending order of request counts.\n\n2. **Identify the Most Frequently Accessed Endpoint**\n   - Analyzes log entries to determine which resource (e.g., `/home`, `/login`) was accessed the most.\n   - Displays the endpoint and its access count.\n\n3. **Detect Suspicious Activity**\n   - Identifies IP addresses with failed login attempts (e.g., HTTP status code `401` or \"Invalid credentials\") exceeding a configurable threshold (default: 3).\n   - Flags these IPs for potential brute-force or unauthorized access attempts.\n\n4. **CSV Output**\n   - Generates a structured CSV file containing the analysis results:\n     - Requests per IP\n     - Most accessed endpoint\n     - Suspicious activity (failed login attempts)\n\n---\n\n## **Requirements**\n\n- Python 3.6 or above\n\n---\n\n## **Installation**\n\n1. Clone the repository:\n   ```bash\n   git clone https://github.com/SamuelJayasingh/Log-Analysis.git\n   cd Log-Analysis\n   ```\n\n2. Ensure Python is installed:\n   ```bash\n   python --version\n   ```\n\n---\n\n## **Usage**\n\n1. Place your server log file in the same directory as `main.py`. A sample log file (`sample.log`) is provided for testing.\n\n2. Run the script:\n   ```bash\n   python main.py\n   ```\n\n3. Check the terminal for analysis results.\n\n4. View the CSV file (`log_analysis_results.csv`) generated in the same directory for detailed outputs.\n\n---\n\n## **Output**\n\n### Terminal Output:\n#### Example:\n```bash\nIP Address           Request Count\n203.0.113.5          8\n198.51.100.23        8\n192.168.1.1          7\n10.0.0.2             6\n192.168.1.100        5\n\nMost Frequently Accessed Endpoint:\n/login (Accessed 13 times)\n\nSuspicious Activity Detected:\nIP Address           Failed Login Attempts\n203.0.113.5          9\n192.168.1.100        6\n```\n\n### CSV File:\n#### Example (`log_analysis_results.csv`):\n```csv\nIP Address,Request Count\n203.0.113.5,8\n198.51.100.23,8\n192.168.1.1,7\n10.0.0.2,6\n192.168.1.100,5\n\nMost Accessed Endpoint,Access Count\n/login,13\n\nIP Address,Failed Login Attempts\n203.0.113.5,9\n192.168.1.100,6\n```\n\n---\n\n## **Configuration**\n\n### **Threshold for Failed Login Attempts**\nTo change the threshold for detecting suspicious activity, modify the `FAILED_LOGIN_THRESHOLD` constant in `main.py`:\n```python\nFAILED_LOGIN_THRESHOLD = \u003cdesired_threshold\u003e\n```\n\n---\n\n## **Project Structure**\n\n```\n.\n├── main.py              # Log analysis script\n├── sample.log           # Sample log file for testing\n├── log_analysis_results.csv # Generated CSV file with results\n├── README.md            # Project documentation\n```\n\n---\n\n## **Contributing**\n\n1. Fork the repository.\n2. Create a new branch:\n   ```bash\n   git checkout -b feature-branch\n   ```\n3. Commit your changes:\n   ```bash\n   git commit -m \"Add your message here\"\n   ```\n4. Push to the branch:\n   ```bash\n   git push origin feature-branch\n   ```\n5. Open a pull request.\n\n---\n\n## **License**\n\nThis project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.\n\n---\n\n## **Contact**\n\nFor any questions or feedback, please feel free to reach out via GitHub issues.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamueljayasingh%2Flog-analysis","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsamueljayasingh%2Flog-analysis","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamueljayasingh%2Flog-analysis/lists"}