static void Main(string[] args) { Logfileentries logfileentry = new Logfileentries(); List <Logfileentries> logfiles = new List <Logfileentries>(); string MMcountrydbpath = @"C:\Users\cerbe\Downloads\maxmind\GeoLite2-Country.mmdb"; string MMAsndbpath = @"C:\Users\cerbe\Downloads\maxmind\GeoLite2-ASN.mmdb"; string logpath1 = @"C:\yek\accesslogcombinedamazon.log"; string logpath2 = @"C:\yek\accesslogcombinedfrankfurt.log"; string logpath3 = @"C:\yek\accesslogcombinedlondon.log"; logfiles.AddRange(logfilesentry(MMcountrydbpath, MMAsndbpath, logpath1)); Console.WriteLine("amazon added"); logfiles.AddRange(logfilesentry(MMcountrydbpath, MMAsndbpath, logpath2)); Console.WriteLine("frankfurt added"); logfiles.AddRange(logfilesentry(MMcountrydbpath, MMAsndbpath, logpath3)); Console.WriteLine("london added"); int counter = 0; SQLiteConnection connection = new SQLiteConnection(@"Data Source=C:\yek\Nginx logs.db"); connection.Open(); SQLiteCommand insertSQL = new SQLiteCommand("INSERT INTO Accesslogs (AccessID, IPAddress, Timestamp, Logmethod, Logcountry, LogASN, LogDNS)" + " VALUES (@AccessID, @IPAddress, @Timestamp, @Logmethod, @Logcountry, @LogASN, @LogDNS)", connection); //SqliteConnection connection = new SqliteConnection(@"Data Source=C:\yek\Nginx logs.db"); //connection.Open(); List <string> counts = new List <string>(); Console.WriteLine("connection open"); //SqliteCommand insertSQL = new SqliteCommand("INSERT INTO Accesslogs (AccessID, IPAddress, Timestamp, Logmethod, Logcountry, LogASN, LogDNS"); foreach (Logfileentries log in logfiles) { Console.WriteLine(counter); //Console.WriteLine(log.Logipaddress+"||"+log.Logtimestamp+"||"+log.Logmethod+"||"+log.Logcountry+"||"+log.LogASN+"||"+log.LogDNS); counts.Add(counter.ToString()); insertSQL.Parameters.AddWithValue("AccessID", counter); insertSQL.Parameters.AddWithValue("IPAddress", log.Logipaddress); insertSQL.Parameters.AddWithValue("Timestamp", log.Logtimestamp); insertSQL.Parameters.AddWithValue("Logmethod", log.Logmethod); insertSQL.Parameters.AddWithValue("Logcountry", log.Logcountry); insertSQL.Parameters.AddWithValue("LogASN", log.LogASN); insertSQL.Parameters.AddWithValue("LogDNS", log.LogDNS); insertSQL.ExecuteNonQuery(); counter = counter + 1; } connection.Close(); Console.WriteLine("connection closed"); }
public static List <Logfileentries> logfilesentry(string dbcountrypath, string dbasnpath, string logpath) { List <Logfileentries> logentries = new List <Logfileentries>(); Regex IPaddress = new Regex(@"\b(?:\d{1,3}\.){3}\d{1,3}\b"); Regex Timestamp = new Regex(@"\d{2}\/\w{3}\/\d{4}:\d{2}:\d{2}:\d{2} (\+|\-)\d{4}"); Regex IPandTimestamp = new Regex(@"\b(?:\d{1,3}\.){3}\d{1,3}\b - - \[\d{2}\/\w{3}\/\d{4}:\d{2}:\d{2}:\d{2} (\+|\-)\d{4}\] "); DatabaseReader ipcountry = new DatabaseReader(dbcountrypath); DatabaseReader ipASN = new DatabaseReader(dbasnpath); string hostname = ""; foreach (var line in File.ReadLines(logpath)) { Logfileentries logfileentry = new Logfileentries(); Match iptimestamp = IPandTimestamp.Match(line); Match ipaddress = IPaddress.Match(iptimestamp.Value); Match timestamp = Timestamp.Match(iptimestamp.Value); //Console.WriteLine(ipaddress.Value); CountryResponse countryresponse = ipcountry.Country(ipaddress.Value); AsnResponse ASNresponse = ipASN.Asn(ipaddress.Value); try{ hostname = Dns.GetHostEntry(ipaddress.Value).HostName; } catch (SocketException) {} if (hostname == "") { hostname = "unknown domain"; } string[] logmethod = Regex.Split(line, IPandTimestamp.ToString()); logfileentry.Logipaddress = ipaddress.Value; logfileentry.Logtimestamp = timestamp.Value; logfileentry.Logmethod = logmethod[2]; logfileentry.Logcountry = countryresponse.Country.ToString(); logfileentry.LogASN = ASNresponse.AutonomousSystemOrganization.ToString(); logfileentry.LogDNS = hostname; logentries.Add(logfileentry); //Console.WriteLine(logfileentry.Logipaddress + "||" + logfileentry.Logtimestamp + "||" + logfileentry.Logmethod + "||" + logfileentry.Logcountry + "||" + logfileentry.LogASN + "||" + logfileentry.LogDNS); } return(logentries); }