利用python分析nginx日志

最近在学习python,写了个脚本分析nginx日志,练练手。写得比较粗糙,但基本功能可以实现。

脚本功能:查找出当天访问次数前十位的IP,并获取该IP来源,并将分析结果发送邮件到指定邮箱。

实现前两项功能的脚本内容如下:

#!/usr/bin/env python
# coding:utf-8
# date:2015-12-10
# author:eivll0m

import urllib
import json

url = 'http://ip.taobao.com/service/getIpInfo.php?ip='

def ip_find(ip):
    data = urllib.urlopen(url + ip).read()
    datadict = json.loads(data)
    for oneinfo in datadict:
        if 'code' == oneinfo:
            if datadict[oneinfo] == 0:
                return datadict['data']['country'] + datadict['data']['region'] + datadict['data']['city'] + '\t' + datadict['data']['isp']

def sort_value(s):
    d = sorted(s.iteritems(),key=lambda t:t[1],reverse=True)
    return d

if __name__ == '__main__':
    with open('access.log') as f:
        d = {}
        for line in f:
            field = line.split()
            if field[0] not in d:
                d.setdefault(field[0],[])
            d[field[0]].append(field[0])

        s = {}
        for k in d:
            s[k] = len(d[k])
        s = sort_value(s)[0:10]
        print '访问IP\t\t\t访问次数\t\tIP来源'
        print '----------------------------------------------------------------------------'
        for ip,con in s:
            print str(ip) + '\t\t' + str(con) + '\t\t' + ip_find(ip)

执行效果如下:

加入发送邮件功能,最终版本:

#!/usr/bin/env python
# coding:utf-8
# date:2015-12-10
# author:eivll0m

import urllib
import json
import time
from email import encoders
from email.header import Header
from email.mime.text import MIMEText
from email.utils import parseaddr, formataddr
import smtplib

url = 'http://ip.taobao.com/service/getIpInfo.php?ip='

def ip_find(ip):
    data = urllib.urlopen(url + ip).read()
    datadict = json.loads(data)
    for oneinfo in datadict:
        if 'code' == oneinfo:
            if datadict[oneinfo] == 0:
                return datadict['data']['country'] + datadict['data']['region'] + datadict['data']['city'] + '\t' + datadict['data']['isp']

def sort_value(s):
    d = sorted(s.iteritems(),key=lambda t:t[1],reverse=True)
    return d

def _format_addr(s):
    name, addr = parseaddr(s)
    return formataddr(( \
        Header(name, 'utf-8').encode(), \
        addr.encode('utf-8') if isinstance(addr, unicode) else addr))

if __name__ == '__main__':
    date_time = time.strftime('%Y-%m-%d %H:%M:%S')
    from_addr = 'xxxxxx@163.com'
    password = 'uoodfdnddaeqjq'
    to_addr = 'xxxxxxx@qq.com'
    smtp_server = 'smtp.163.com'
    with open('access.log') as f:
        d = {}
        for line in f:
            field = line.split()
            if field[0] not in d:
                d.setdefault(field[0],[])
            d[field[0]].append(field[0])

        s = {}
        for k in d:
            s[k] = len(d[k])
        s = sort_value(s)[0:10]
        text = date_time + '\n'
        text = text + '\n' + u'访问IP\t\t\t访问次数\t\tIP来源' 
        text = text + '\n' + '----------------------------------------------------------------------------'
        for ip,con in s:
            text = text + '\n' + str(ip) + '\t\t' + str(con) + '\t\t' + ip_find(ip)
        text =  text + '\n' '----------------------------------------------------------------------------'
        
        msg = MIMEText(text, 'plain', 'utf-8')
        msg['From'] = _format_addr(u'监控 <%s>' % from_addr)
        msg['To'] = _format_addr(u'管理员 <%s>' % to_addr)
        msg['Subject'] = Header(u'Nginx日志分析……', 'utf-8').encode()

        server = smtplib.SMTP(smtp_server, 25)
        server.set_debuglevel(1)
        server.login(from_addr, password)
        server.sendmail(from_addr, [to_addr], msg.as_string())
        server.quit()

执行脚本后收到邮件:

 

posted on 2015-12-10 17:38  K‘e0llm  阅读(1234)  评论(0编辑  收藏  举报

导航