devops/dns-inspector
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

базовая структура проекта создана

Browse Source
This commit is contained in:
unknown
2025-08-25 23:57:27 +03:00
parent caac61bbd5
commit c3a7fa53a0
7 changed files with 35 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
parser/parse_dns_logs.py Normal file
View File

@@ -0,0 +1,29 @@
import re, sqlite3, os
from datetime import datetime
db = sqlite3.connect('../db/dns.sqlite')
db.execute('''CREATE TABLE IF NOT EXISTS logs (
id INTEGER PRIMARY KEY AUTOINCREMENT,
timestamp TEXT,
src_ip TEXT,
qtype TEXT,
domain TEXT
)''')
pattern = re.compile(r'(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}).*UDP Rcv (\d+\.\d+\.\d+\.\d+).*Q
\[.*\]
(\w+) ([\w\.-]+)\.')
for filename in os.listdir('../logs'):
if filename.startswith('dns') and filename.endswith('.log'):
with open(f'../logs/{filename}', encoding='utf-8') as f:
for line in f:
match = pattern.search(line)
if match:
ts = datetime.strptime(match.group(1), "%d/%m/%Y %H:%M:%S")
db.execute("INSERT INTO logs (timestamp, src_ip, qtype, domain) VALUES (?, ?, ?, ?)",
(ts.isoformat(), match.group(2), match.group(3), match.group(4)))
db.commit()
db.close()