maxx
/
geologist
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
A shiny app to explore nginx access logs and geolocate the connections
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
1 Branch
168KB
Tree: 7175ece4c4
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7175ece4c4'
${ noResults }
geologist/geoip.R

39 lines
857B
Raw Blame History 

  1. library(tidyverse)

  2. library(RSQLite)

  3. library(ipapi)

  4. # sqlite3 access.db

  5. # create table access(ip, null1, user, timestamp, zone, req, status, size, referer, agent, null2);

  6. # .separator " "

  7. # .import access.log access

  8. 

  9. dbConnect(SQLite(), "access.db") %>%

  10.   dbGetQuery("delete from access where ip = '192.168.0.254' or user = 'maxx' or agent like '%bot%' or ip = '164.2.255.244';")

  11. 

  12. dbConnect(SQLite(), "access.db") %>%

  13.   dbGetQuery("vacuum;")

  14. 

  15. known_ips <- character(0)

  16. 

  17. src_sqlite("access.db") %>%

  18.   tbl("geoip") %>%

  19.   select(query) %>%

  20.   collect %>%

  21.   pull(query) -> known_ips

  22. 

  23. src_sqlite("access.db") %>%

  24.   tbl("access") %>%

  25.   select(ip) %>%

  26.   collect %>%

  27.   pull(ip) %>%

  28.   unique %>%

  29.   setdiff(known_ips) -> ips

  30. 

  31. if (length(ips) > 0)

  32. {

  33.   ips %>%

  34.     geolocate -> geoip

  35. 

  36.   dbConnect(SQLite(), "access.db") %>%

  37.     dbWriteTable("geoip", geoip, append = T)

  38. }