Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/tmmvn/ruby-catagrapher
A simple log parser test in ruby. Useful for seeing what vulnerabilities bots are trying to abuse on your VMs.
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/tmmvn/ruby-catagrapher
- Owner: tmmvn
- License: other
- Created: 2024-08-28T03:10:51.000Z (5 months ago)
- Default Branch: core
- Last Pushed: 2024-08-28T03:19:25.000Z (5 months ago)
- Last Synced: 2024-10-13T02:21:03.708Z (3 months ago)
- Topics: logparser, ruby
- Language: Ruby
- Homepage:
- Size: 3.91 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.md
README
I was curious to see what all things bots are trying to exploit on my VMs, the naughty IP addresses, and what not. So I wrote a simple Ruby script to parse a log file.
I believe the format assumed is the default CentOS rsyslog format:
```
Jul 15 05:00:01 tower devd[38761]: Pushing table
```

An example output in the current setup would look like this:
```
7403
["82.144.183.66", 2079]
["admin", 2048]
["141.98.11.11", 1537]
["62.122.184.71", 1092]
["141.98.11.113", 973]
["ubuntu", 928]
["test", 800]
["217.76.51.101", 796]
["14.199.160.53", 796]
["user", 680]
```

The current setup counts how many times a certain IP address or username shows up in the logs. It is easy enough to configure or expand to parse and output whatever you are interested in.
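
An added sketch of this kind of tally, not the ruby-catagrapher source: it assumes the lines of interest are sshd authentication messages in the format shown above. The sample log lines, the `tally` function and the regex names are constructed for the illustration.

```ruby
# Added example, not the project's code. Assumes sshd failure messages;
# the sample lines and addresses (documentation ranges) are constructed.
SAMPLE_LOG = <<~LOG
  Jul 15 05:00:01 tower devd[38761]: Pushing table
  Jul 15 05:00:07 tower sshd[38770]: Invalid user admin from 192.0.2.10 port 51234
  Jul 15 05:00:09 tower sshd[38770]: Failed password for invalid user admin from 192.0.2.10 port 51234 ssh2
  Jul 15 05:01:12 tower sshd[38802]: Invalid user ubuntu from 198.51.100.7 port 40022
  Jul 15 05:01:15 tower sshd[38802]: Failed password for root from 192.0.2.10 port 51300 ssh2
  Jul 15 05:02:00 tower sshd[38810]: Accepted publickey for deploy from 203.0.113.5 port 50000 ssh2
  this line is not syslog at all
LOG

# "Mon DD HH:MM:SS host program[pid]: message"
LINE_RE = /\A(?<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?<host>\S+) (?<prog>[^\s\[:]+)(?:\[(?<pid>\d+)\])?: (?<msg>.*)\z/
IPV4_RE = /\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b/
USER_RE = /\b(?:Invalid user|Failed password for(?: invalid user)?) (?<user>\S+) from /

# Returns [number of well-formed lines, [[key, count], ...] sorted by count].
# Accepts anything that responds to each_line (a String or an open File).
def tally(io, programs: ["sshd"])
  counts = Hash.new(0)
  parsed = 0
  io.each_line do |raw|
    # Usernames in auth logs are attacker-controlled; scrub invalid bytes
    # so a malformed line cannot raise and abort the whole run.
    m = LINE_RE.match(raw.scrub("?").chomp) or next
    parsed += 1
    next unless programs.include?(m[:prog])
    m[:msg].scan(IPV4_RE) { |ip| counts[ip] += 1 }
    if (u = USER_RE.match(m[:msg]))
      counts[u[:user]] += 1
    end
  end
  [parsed, counts.sort_by { |key, n| [-n, key] }]
end

if $PROGRAM_NAME == __FILE__
  parsed, top = tally(SAMPLE_LOG)
  puts parsed
  top.first(10).each { |pair| p pair }
end
```

To run it against a real file, pass an open handle instead of the sample string, for example `File.open(path) { |f| tally(f) }`.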