A shiny app to explore nginx access logs and geolocate the connections
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

37 lines

  1. library(tidyverse)
  2. library(RSQLite)
  3. library(ipapi)
  4. # sqlite3 access.db
  5. # create table access(ip, null1, user, timestamp, zone, req, status, size, referer, agent, null2);
  6. # .separator " "
  7. # .import access.log access
  8. dbConnect(SQLite(), "access.db") %>%
  9. dbGetQuery("delete from access where ip = '' or user = 'maxx' or agent like '%bot%' or ip = '';")
  10. dbConnect(SQLite(), "access.db") %>%
  11. dbGetQuery("vacuum;")
  12. src_sqlite("access.db") %>%
  13. tbl("geoip") %>%
  14. select(query) %>%
  15. collect %>%
  16. pull(query) -> known_ips
  17. src_sqlite("access.db") %>%
  18. tbl("access") %>%
  19. select(ip) %>%
  20. collect %>%
  21. pull(ip) %>%
  22. unique %>%
  23. setdiff(known_ips) -> ips
  24. if (length(ips) > 0)
  25. {
  26. ips %>%
  27. geolocate -> geoip
  28. dbConnect(SQLite(), "access.db") %>%
  29. dbWriteTable("geoip", geoip, append = T)
  30. }