订阅 漓筝轩 的RSS 

分析unix系统日期析取ftp登陆和断开信息

关于JAVA滴

使用com.enterprisedt.net.ftp库连接客户在HPUnix上的FTP服务器,不定时的出现连接不上去的情况,但是使用FTP客户端却可以直接连接。
客户不让telnet主机,只好要了syslog文件自己分析。
看了一下,相关FTPD的有三个记录
我不管连接的记录(ftp里面的conn操作),只处理login和logout操作。

如下

Dec 23 05:01:44 服务器主机名 ftpd[18609]: FTP LOGIN FROM 客户机IP地址 [客户机IP地址], fileplat
Dec 23 05:03:11 服务器主机名 ftpd[18609]: FTP session closed
Jan 28 09:28:48 服务器主机名 ftpd[18609]: FTP LOGIN FROM unicom-1 [客户机IP地址], fileplat
Jan 28 09:28:50 服务器主机名 ftpd[18609]: FTP session closed
Feb 17 21:37:35 服务器主机名 ftpd[18609]: FTP LOGIN FROM unicom-1 [客户机IP地址], fileplat
Feb 17 21:58:01 服务器主机名 ftpd[18609]: exiting on signal 14
Feb 19 02:38:34 服务器主机名 ftpd[18609]: FTP LOGIN FROM 客户机IP地址 [客户机IP地址], fileplat
Feb 19 02:38:35 服务器主机名 ftpd[18609]: FTP session closed

ftpd后面的方括号里面是客户登陆之后的进程号(线程号???),确定一个ftp Session。正常退出使用Ftp Session closed。否则是exiting on signal.
下面是简单的程序
程序将一个ftp登陆的数据操作记录到数据库,这样可以分析出客户连接主机的频率和每次时长

因为只用一次,代码很土

  java.io.BufferedReader r = new BufferedReader(new java.io.FileReader(
            "E:\\syslog.log"));
        FileWriter f = new FileWriter("e:\\syslog.sql");
        String str = null;
        int nRow = 0;
        java.util.Hashtable hashIpAddress = new java.util.Hashtable();
        java.util.Hashtable hashLoginTime = new java.util.Hashtable();
        while((str = r.readLine()) != null)
        {
            if(false == (
                //(str.indexOf("inetd[")>=0 && str.indexOf("ftp/tcp:")>=0)||
                (str.indexOf("ftpd[") >= 0 && str.indexOf("FTP") >= 0)
               ))
            {
                continue;
            }

            nRow++;
//            if(nRow>100)
//            {
//                break;
//            }
            //System.out.println(str);
            if(str.length() < 16)
            {
                continue;
            }
            String strDate = str.substring(0,16);
            String[] alldates = strDate.split(" ");
//            for(int i =0;i<alldates.length;i++)
//            {
//                System.out.println("Part "+i +"  "+alldates[i]);
//            }
            if(alldates[0].equals("Dec"))
            {
                strDate = "2005-12-";
            }
            else if(alldates[0].equals("Jan"))
            {
                strDate = "2006-01-";
            }
            else if(alldates[0].equals("Feb"))
            {
                strDate = "2006-02-";
            }
            else
            {
             continue;
            }
            if(alldates[1].trim().length()<1)
            {
                strDate+=alldates[2]+" "+alldates[3];
            }
            else
            {
                strDate+=alldates[1]+" "+alldates[2];
            }
            str = str.substring(16);
            String[] allparts = str.split(" ");
//            for(int i =0;i<allparts.length;i++)
//            {
//                System.out.println("Part "+i +"  "+allparts[i]);
//            }
            String strFtpID = allparts[1];
            strFtpID = strFtpID.substring(strFtpID.indexOf("[") + 1,
                                          strFtpID.indexOf("]"));
            boolean bCloseSection = str.indexOf("FTP LOGIN FROM")<0;
            String strSql = null;
            if(bCloseSection)
            {
                if(hashIpAddress.containsKey(strFtpID))
                {
                    //System.out.println(strFtpID+"断开连接 "+allparts[2]);
                    ss(sqlca,f, nRow, hashIpAddress, hashLoginTime, strDate, strFtpID, strSql);
                    hashIpAddress.remove(strFtpID);
                    hashLoginTime.remove(strFtpID);
                }
            }
            else
            {
                //System.out.println(strFtpID+"客户IP"+allparts[5]);
                if(str.indexOf("[您的IP地址]")>=0 && str.indexOf("FTP LOGIN FROM")>=0)
                {
                    hashIpAddress.put(strFtpID,"[您的IP地址]");
                    hashLoginTime.put(strFtpID,strDate);
                }
            }

        }
        f.flush();
        f.close();
        r.close();
        System.exit(1);
       
       
       
         private static void ss(FileWriter f,int nRow,Hashtable hash,Hashtable hash2,
                           String strDate,String strFtpID,String strSql)
        throws Exception
    {
        strSql =
            "insert into ftplog(logid,ip,logouttime,logintime) values(" +
            "'" + strFtpID + "'," +
            "'" + hash.get(strFtpID) + "'," +
            "to_date('" + strDate + "','yyyy-mm-dd HH24:mi:ss')," +
            "to_date('" + hash2.get(strFtpID) +
            "','yyyy-mm-dd HH24:mi:ss')" +
            ")";
        System.out.println(nRow + "     " + strSql);
        f.write(strSql + ";\r\n");
    }

posted @ 2006-02-21 18:04  Jeason  阅读(694)  评论(0编辑  收藏  举报
订阅 漓筝轩 的RSS