定时(每 20 秒)记录连接到本机远程桌面端口(3389)的 IP 地址
using System;
using System.Collections.Generic;
using System.Net.NetworkInformation;
using System.Text;
using System.Threading;
namespace PortListen
{
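/// <summary>
/// Console poller that records which remote endpoints currently hold a TCP connection
/// to the local Remote Desktop port, appending one line per sighting to a daily log file.
/// </summary>
/// <remarks>
/// This is a periodic snapshot of the connection table, not an event stream:
/// a connection that opens and closes between two polls is never seen, and a
/// long-lived connection is written again on every poll. The log therefore shows
/// "who was connected when we looked", not individual logon attempts. For
/// authoritative logon evidence, correlate with the Windows Security event log
/// (events 4624 / 4625).
/// </remarks>
class Program
{
    /// <summary>Local TCP port to watch; 3389 is the default RDP listener port.</summary>
    private const int WatchedPort = 3389;

    /// <summary>Delay between two snapshots of the connection table (20 seconds).</summary>
    private const int PollIntervalMilliseconds = 1000 * 20;

    /// <summary>
    /// Runs the poll loop forever: take a snapshot, sleep, repeat.
    /// </summary>
    /// <param name="args">Command-line arguments (unused).</param>
    static void Main(string[] args)
    {
        while (true)
        {
            try
            {
                GetTcpConnections();
            }
            catch (Exception ex)
            {
                // A monitor that dies on one transient failure (log file briefly
                // locked, connection table unavailable) leaves an unnoticed gap in
                // coverage, so report the failure and keep polling.
                Console.Error.WriteLine("poll failed " + DateTime.Now.ToString() + ": " + ex.Message);
            }

            Thread.Sleep(PollIntervalMilliseconds);
        }
    }

    /// <summary>
    /// Takes one snapshot of the active TCP connections and, for every connection whose
    /// local port is <see cref="WatchedPort"/>, prints it to the console and appends
    /// "remote-endpoint TAB timestamp" to the daily log file.
    /// </summary>
    /// <remarks>
    /// The connection state is shown on the console only; it is not written to the log
    /// file, so the file does not distinguish established sessions from connections in
    /// other states. Timestamps are local time.
    /// </remarks>
    public static void GetTcpConnections()
    {
        Console.WriteLine("start " + DateTime.Now.ToString());

        IPGlobalProperties properties = IPGlobalProperties.GetIPGlobalProperties();
        foreach (TcpConnectionInformation t in properties.GetActiveTcpConnections())
        {
            // Compare the numeric port instead of searching the endpoint text for
            // ":3389": the substring test also matched ports 33890-33899 and any
            // IPv6 address that happens to contain a ":3389" group.
            if (t.LocalEndPoint.Port != WatchedPort)
            {
                continue;
            }

            Console.Write("Local endpoint: {0} ", t.LocalEndPoint.ToString());
            Console.Write("Remote endpoint: {0} ", t.RemoteEndPoint.ToString());
            Console.WriteLine("{0}", t.State);

            // Invariant culture keeps the machine-readable timestamp in the same
            // Gregorian, ASCII-digit form regardless of the host's regional settings.
            string stamp = DateTime.Now.ToString(
                "yyyy-MM-dd HH:mm:ss",
                System.Globalization.CultureInfo.InvariantCulture);
            string data = t.RemoteEndPoint.ToString() + "\t" + stamp + "\r\n";
            SavaProcess(data);
        }
    }

    /// <summary>
    /// Appends <paramref name="data"/> to today's log file, creating the "Logs"
    /// directory under the application base directory if it does not exist yet.
    /// </summary>
    /// <param name="data">Text to append verbatim (the caller supplies the line ending).</param>
    /// <returns>Full path of the log file that was written.</returns>
    public static String SavaProcess(string data)
    {
        // One file per local calendar day: log<yyyyMMdd>.txt
        string fileName = "log"
            + DateTime.Now.ToString("yyyyMMdd", System.Globalization.CultureInfo.InvariantCulture)
            + ".txt";

        string logDirectory = System.IO.Path.Combine(
            System.AppDomain.CurrentDomain.BaseDirectory, "Logs");

        // CreateDirectory does nothing when the directory already exists.
        System.IO.Directory.CreateDirectory(logDirectory);

        string filePath = System.IO.Path.Combine(logDirectory, fileName);

        // Second argument true = append. The using block closes the writer even
        // when Write throws, so the file handle is not leaked.
        using (System.IO.StreamWriter file = new System.IO.StreamWriter(filePath, true))
        {
            file.Write(data);
        }

        return filePath;
    }
}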
}
===================================================================
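日志分析程序:读取程序目录下的 log.txt,统计每个 IP 出现的次数,并输出出现次数最多的前 10 个。注意:上面的记录程序写入的是 Logs 目录下的 logyyyyMMdd.txt,分析前需要先把要分析的日志复制或合并为 log.txt。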
using System;
using System.Collections;
using System.Collections.Generic;
using System.Text;
using System.Net.NetworkInformation;
using System.Threading;
using System.Text.RegularExpressions;
namespace AnalysisLog
{
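/// <summary>
/// Reads a connection log (one "endpoint TAB timestamp" line per sighting) and prints
/// the IPv4 addresses that occur most often.
/// </summary>
/// <remarks>
/// Each log line is one polling sighting of a connection, not one logon attempt, so a
/// single long-lived session contributes many lines. Treat the counts as a ranking of
/// how often an address was seen connected, not as a count of attempts.
/// </remarks>
class Program
{
    /// <summary>File read from the application base directory when no path is given.</summary>
    private const string DefaultLogFileName = "log.txt";

    /// <summary>Maximum number of addresses printed.</summary>
    private const int TopCount = 10;

    /// <summary>
    /// Captures a dotted-quad at the very start of a line. Octets are not range-checked,
    /// and lines that do not start with a digit (for example bracketed IPv6 endpoints)
    /// do not match and are skipped. Built once instead of once per line.
    /// </summary>
    private static readonly Regex LeadingIPv4 =
        new Regex(@"(^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*?");

    /// <summary>
    /// Entry point. An optional first argument names the log file to analyse, which
    /// allows pointing the tool at a daily file without renaming it to log.txt.
    /// </summary>
    /// <param name="args">Optional: path of the log file.</param>
    static void Main(string[] args)
    {
        if (args != null && args.Length > 0)
        {
            Analysis(args[0]);
        }
        else
        {
            Analysis();
        }
    }

    /// <summary>
    /// Analyses log.txt in the application base directory.
    /// </summary>
    static void Analysis()
    {
        Analysis(System.AppDomain.CurrentDomain.BaseDirectory + DefaultLogFileName);
    }

    /// <summary>
    /// Counts the leading IPv4 address of every line in <paramref name="logPath"/>,
    /// prints up to <see cref="TopCount"/> addresses in descending order of count as
    /// "rank.address,count", then waits for a key press.
    /// </summary>
    /// <param name="logPath">Path of the log file to read.</param>
    static void Analysis(string logPath)
    {
        if (System.IO.File.Exists(logPath))
        {
            PrintTop(CountAddresses(logPath));
        }
        else
        {
            // Report the missing input instead of failing with an unhandled exception.
            Console.Error.WriteLine("Log file not found: " + logPath);
        }

        System.Console.ReadKey();
    }

    /// <summary>Builds the address-to-occurrence-count table for one log file.</summary>
    private static Dictionary<string, long> CountAddresses(string logPath)
    {
        Dictionary<string, long> hits = new Dictionary<string, long>();

        // The using block releases the file handle even if reading throws.
        using (System.IO.StreamReader file = new System.IO.StreamReader(logPath))
        {
            string line;
            while ((line = file.ReadLine()) != null)
            {
                Match m = LeadingIPv4.Match(line);
                if (!m.Success)
                {
                    continue;
                }

                string ip = m.Groups[1].Value;
                long seen;
                hits.TryGetValue(ip, out seen);   // seen stays 0 for a new address
                hits[ip] = seen + 1;
            }
        }

        return hits;
    }

    /// <summary>Prints the most frequent addresses, highest count first.</summary>
    private static void PrintTop(Dictionary<string, long> hits)
    {
        if (hits.Count == 0)
        {
            return;
        }

        string[] keyArray = new string[hits.Count];
        long[] valueArray = new long[hits.Count];
        hits.Keys.CopyTo(keyArray, 0);
        hits.Values.CopyTo(valueArray, 0);

        // Sorts the counts ascending and reorders the addresses to match, so the
        // largest counts end up at the end of both arrays.
        Array.Sort(valueArray, keyArray);

        // Never read past the start of the arrays when fewer than TopCount distinct
        // addresses were logged (a fixed loop of 10 threw IndexOutOfRangeException).
        int shown = Math.Min(TopCount, keyArray.Length);
        for (int i = 0; i < shown; i++)
        {
            int idx = keyArray.Length - i - 1;
            Console.WriteLine((i + 1).ToString() + "." + keyArray[idx] + "," + valueArray[idx]);
        }
    }
}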
}