小贝子编程

更改现有脚本中的DNS查找



我有一个解析日志文件的脚本,它匹配IP、消息编号、日期和DNS名称。但由于我解析DNS的每一行,我解析它真的需要很长时间。在我得到所有匹配项后,我将它们计算在一起,以知道哪个ip发送了多少条消息。现有的脚本是:

$global:result = Get-Content $path | ForEach-Object {
if($_ -match '(d{2}.d{2}.d{4} d{2}:d{2}:d{2}).*(((?:d{1,3}.){3}d{1,3})) disconnected.?s+(d+) message[s]'){
try {
#$dns = [System.Net.Dns]::GetHostEntry($matches[2]).HostName
}
catch { 
#$dns = 'Not available' 
}
[PsCustomObject]@{
IP       = $matches[2]
Messages = [int]$matches[3]
#DNSName  = $dns
Date     = [datetime]::ParseExact($matches[1], 'dd.MM.yyyy HH:mm:ss', $null)
}}
$i++
if($i % 1000 -eq 0){
Write-Progress -activity "Searching for matches" -status "Scanned: $i of $($length)" -percentComplete (($i / $length)  * 100)

}}
Write-Progress -activity "Searching for matches" -status "Scanned: $i of $($length)" -percentComplete (($i / $length)  * 100)
#Messages Counted
$global:cumulative = $result | Group-Object -Property IP | ForEach-Object {
[PsCustomObject]@{
IP = $_.Name
Messages = ($_.Group | Measure-Object -Property Messages -Sum).Sum
#DNSName = $_.Group[0].DNSName
Date    = ($_.Group | Sort-Object Date)[-1].Date
}
}

在我对日志文件中获得的所有不同IP进行排序后,我如何进行DNS解析,并将其显示为累积结果之一?

只需将代码移动到为$global:cumulative:定义自定义对象的位置

$global:result = Get-Content $path | ForEach-Object {
if($_ -match '(d{2}.d{2}.d{4} d{2}:d{2}:d{2}).*(((?:d{1,3}.){3}d{1,3})) disconnected.?s+(d+) message[s]'){
[PsCustomObject]@{
IP       = $matches[2]
Messages = [int]$matches[3]
Date     = [datetime]::ParseExact($matches[1], 'dd.MM.yyyy HH:mm:ss', $null)
}}
$i++
if($i % 1000 -eq 0){
Write-Progress -activity "Searching for matches" -status "Scanned: $i of $($length)" -percentComplete (($i / $length)  * 100)

}}
Write-Progress -activity "Searching for matches" -status "Scanned: $i of $($length)" -percentComplete (($i / $length)  * 100)
#Messages Counted
$global:cumulative = $result | Group-Object -Property IP | ForEach-Object {
try {
$dns = [System.Net.Dns]::GetHostEntry($_.Name).HostName
}
catch { 
$dns = 'Not available' 
}
[PsCustomObject]@{
IP = $_.Name
Messages = ($_.Group | Measure-Object -Property Messages -Sum).Sum
DNSName = $dns
Date    = ($_.Group | Sort-Object Date)[-1].Date
}
}

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium