我正在尝试从 Apache 日志文件中获取 IP 地址并计算唯一 IP
此 Apache 日志文件有 22.22.22.22 次以上 10 次和 125.245.25.25 次以上 10 次
我正在尝试在 Apache 日志文件中获取 IP 超过 10 次
我的 PHP 代码
<?php
$iplist_file="/home/domain/public_html/iplist.txt";
$iplist_file=file_get_contents($iplist_file);
preg_match_all('/'d{1,3}'.'d{1,3}'.'d{1,3}'.'d{1,3}/',$iplist_file,$a);
$count = count($a[0]);
echo "<b>Number of ip</b> = " .$count."<p>";
?>
文本文件
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
125.245.25.25 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
125.245.25.25 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
125.245.25.25 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
125.245.25.25 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15)
对于从日志中获取所有IP,您可以使用这个非常相似的正则表达式:
preg_match_all('/^(?P<ip>'d{1,3}'.'d{1,3}'.'d{1,3}'.'d{1,3})/m', $iplist_content, $matches);
标志m
在这里用于多行模式 (http://php.net/manual/en/reference.pcre.pattern.modifiers.php),?P<ip>
用于命名捕获组 - 而不是我$matches['ip']
$matches[1]
(这不是必需的)。
正如我所说,在$matches['ip']
,您拥有所有建立在日志中的IP。对于计数,您可以使用简单的循环,或者更好的是您可以使用 fnc array_count_values
。
当我们把这一切放在一起时,我们得到这个:
<?php
$iplist_file = "/home/domain/public_html/iplist.txt";
$iplist_content = file_get_contents($iplist_file);
preg_match_all('/^(?P<ip>'d{1,3}'.'d{1,3}'.'d{1,3}'.'d{1,3})/m', $iplist_content, $matches);
foreach (array_count_values($matches['ip']) as $ip => $count) {
print $ip . ': ' . $count . '<br>';
}