0917_SAD
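Source: Internet  Editor: 程序博客网  Time: 2024/06/05 09:09
I was told to build this without really knowing what it is, so I wrote a first version from the requirements analysis and am just posting it here for now. I've been insanely busy lately.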
'Requirements analysis:
'Log in to 9.181.2.111  username: caof  password: Gs1l2hab
'cd to /var/GSNIlogs/ir-syslog01/logs
'Then run: more var:log:messages.2015-8-28-4:0 | egrep "710003|710005|710006|1060[0-9][0-9]|109006|109008|109013|109023|109024|109025|304002|308001|605004|611102"
'Add one more filter: only capture lines whose hostname contains H7U or SNITKO
'Samples:
'Aug 27 04:14:10 146.89.224.11 Aug 27 2015 05:19:41 SNIHKTKOPFa : %ASA-3-710005: TCP request discarded from 122.10.102.48/36810 to ipsec_tun:118.140.225.156/22
'Aug 27 04:14:15 158.98.118.157 Aug 27 2015 04:35:57: %ASA-6-106021: Deny UDP reverse path check from 158.98.118.131 to 158.98.118.159 on interface SR

'Pack each result into an Alert object
Class Alert
    Public info
    Public ip
    Public count
End Class

'Preprocessing
Dim alerts(1000)
Dim alertc
alertc = 0
'Message IDs to look for; the same pattern is used for egrep and for the local search
num = "710003|710005|710006|1060[0-9][0-9]|109006|109008|109013|109023|109024|109025|304002|308001|605004|611102"
Set numRe = New RegExp
numRe.Pattern = num
username = InputBox("Please input your username:", "Username")
'Masked prompt, so the password is not shown on screen while it is typed
password = crt.Dialog.Prompt("Please input your password:", "Password", "", True)
host = InputBox("Please input your Host IP:", "Host IP")

Sub Main
    'Connection
    'SSH login; keep the returned tab so that its own screen is the one that is read
    Set tab = crt.Session.ConnectInTab("/SSH2 /L " & username & " /PASSWORD " & password & " " & host)
    Set scr = tab.Screen
    scr.Synchronous = True
    'Send the commands; vbCr submits each line
    scr.Send "cd /var/GSNIlogs/ir-syslog01/logs" & vbCr
    scr.Send "more var:log:messages.2015-8-28-4:0 | egrep " & Chr(34) & num & Chr(34) & vbCr
    'Handle the "more" pager
    Do While True
        'Wait for the pager prompt so that the page is complete before it is read
        morePending = scr.WaitForString("More", 5)
        'Read the whole screen
        screenrow = scr.CurrentRow - 1
        For counter = 1 To screenrow
            readline = RTrim(scr.Get(counter, 1, counter, scr.Columns))
            If InStr(readline, "H7U") > 0 Or InStr(readline, "SNITKO") > 0 Then
                readlineSplit = Split(readline, " ")
                'String handling for a single line
                '===================================================
                'Check whether the line contains any of the message IDs
                Set hits = numRe.Execute(readline)
                'Skip lines without a message ID or without an IP in the fourth field
                If hits.Count > 0 And UBound(readlineSplit) >= 3 Then
                    'Alert text runs from the message ID to the end of the line
                    '(FirstIndex is 0-based, Mid is 1-based)
                    readlineInfo = Mid(readline, hits(0).FirstIndex + 1)
                    'Check whether this ip/info pair has already been recorded
                    flag = False
                    For j = 0 To alertc - 1
                        If alerts(j).info = readlineInfo And alerts(j).ip = readlineSplit(3) Then
                            alerts(j).count = alerts(j).count + 1
                            flag = True
                            Exit For
                        End If
                    Next
                    'If nothing was found, create a new entry (while the array has room)
                    If flag = False And alertc <= UBound(alerts) Then
                        Set alerts(alertc) = New Alert
                        alerts(alertc).count = 1
                        alerts(alertc).info = readlineInfo
                        alerts(alertc).ip = readlineSplit(3)
                        alertc = alertc + 1
                    End If
                End If
                '===================================================
            End If
        Next
        'more: Space pages forward a full screen instead of a single line
        If morePending Then
            scr.Send " "
        Else
            Exit Do 'leave the loop
        End If
    Loop
    Set fso = CreateObject("Scripting.FileSystemObject")
    '2 = ForWriting; True creates result.csv if it does not exist yet
    Set finalResult = fso.OpenTextFile("result.csv", 2, True)
    For i = 0 To alertc - 1
        finalResult.WriteLine alerts(i).ip & " " & alerts(i).info & " " & alerts(i).count
    Next
    finalResult.Close
    'Disconnect
    tab.Session.Disconnect
    'crt.quit
End Sub
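
The same filter-and-count logic applied offline to a saved copy of the log, as an added Python example that is not part of the original post. It accepts a message ID only inside the `%ASA-<severity>-<id>` token, assumes the hostname is the token that follows the four-token device timestamp, and runs on constructed sample lines.

```python
import re
from collections import Counter

# Same message IDs as the page's egrep filter, but accepted only as the ID in
# the %ASA-<severity>-<id> token, so digits in ports or counters cannot match.
WANTED = re.compile(r"710003|710005|710006|1060\d\d|109006|109008|109013|"
                    r"109023|109024|109025|304002|308001|605004|611102")
LINE = re.compile(r"^\w{3}\s+\d+\s+[\d:]+\s+(?P<ip>\d+(?:\.\d+){3})\s+"
                  r"(?P<dev>.*?)\s?:\s%ASA-\d-(?P<id>\d{6}):\s*(?P<text>.*?)\s*$")
HOST_TAGS = ("H7U", "SNITKO")  # hostname filter from the requirements


def aggregate(lines):
    """Count (device IP, "id: text") pairs for wanted IDs on wanted hosts."""
    counts = Counter()
    for line in lines:
        m = LINE.match(line)
        if not m or not WANTED.fullmatch(m["id"]):
            continue
        dev = m["dev"].split()
        # Assumption: device timestamp is four tokens; a fifth token is the hostname.
        host = dev[4] if len(dev) > 4 else ""
        if not any(tag in host for tag in HOST_TAGS):
            continue
        counts[(m["ip"], f'{m["id"]}: {m["text"]}')] += 1
    return counts


# Constructed sample lines in the page's format (addresses and hostnames are made up).
HIT = "Aug 27 04:14:10 192.0.2.11 Aug 27 2015 05:19:41 H7UFW01 : %ASA-3-710005: TCP request discarded from 198.51.100.48/36810 to outside:203.0.113.9/22"
SAMPLE = [
    HIT, HIT,
    "Aug 27 04:14:12 192.0.2.12 Aug 27 2015 05:19:43 SNITKOFW02 : %ASA-6-106021: Deny UDP reverse path check from 198.51.100.7 to 198.51.100.9 on interface SR",
    # A wanted number appears only in the message text; the real ID is not in the list.
    "Aug 27 04:14:13 192.0.2.11 Aug 27 2015 05:19:44 H7UFW01 : %ASA-6-302013: Built inbound TCP connection 710005 for outside:198.51.100.48/36810 (198.51.100.48/36810) to inside:192.0.2.50/22 (192.0.2.50/22)",
    # No hostname field, so the hostname filter drops it.
    "Aug 27 04:14:15 192.0.2.13 Aug 27 2015 04:35:57: %ASA-6-106021: Deny UDP reverse path check from 198.51.100.31 to 198.51.100.59 on interface SR",
    # Wanted ID, but the hostname matches neither tag.
    "Aug 27 04:14:16 192.0.2.14 Aug 27 2015 05:19:46 OTHERFW : %ASA-3-710003: TCP access denied by ACL from 198.51.100.48/40112 to outside:203.0.113.9/22",
]

if __name__ == "__main__":
    for (ip, info), n in aggregate(SAMPLE).items():
        print(ip, info, n)
```

The `302013` line would pass a plain `egrep "710005"` and a substring search, which is why the ID is checked against the `%ASA-` token only.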