Saturday, November 27, 2021

#26 2021-09-30 12:33:37 am

wch1zpink
Member
Registered: 2011-08-20
Posts: 69

Re: Cleaning data out of a text file?

Revised:

Applescript:

property stripText : " | cut -d' ' -f7 | tr -d ',' | egrep -v 'source'"
property logFileName : "Logged IPs.txt"

on open of theFiles -- Handles single or multiple dropped files
   set oldClipboard to the clipboard
   repeat with aFile in theFiles
       tell application "Finder" to set sourceFilePath to container of aFile as alias
       set cleanedText to do shell script "cat " & ¬
           quoted form of POSIX path of aFile & stripText
       do shell script "echo -n " & quoted form of cleanedText & " >> " & ¬
           quoted form of POSIX path of sourceFilePath & quoted form of logFileName
   end repeat
   set AppleScript's text item delimiters to linefeed
   set theContentWords to words of ¬
       (read POSIX path of sourceFilePath & logFileName) as text
   set the clipboard to theContentWords
   do shell script "pbpaste | sort -n | uniq > " & ¬
       quoted form of POSIX path of sourceFilePath & quoted form of logFileName
   set the clipboard to oldClipboard
end open

Offline

 

#27 2021-10-01 05:11:14 am

dbrewood
Member
From:: Manchester, UK
Registered: 2020-11-30
Posts: 41

Re: Cleaning data out of a text file?

peavine wrote:

I only have a passing familiarity with regex and no experience with its use with ASObjC, and I thought writing a script utilizing these might be a good learning experience. The timing test result was 65 milliseconds, which is only respectable, but the script should be reliable. The basic ASObjC regex code was from Shane's book.


Sorry for the delay in responding, I've been away on holiday. Just tried this put and it works perfectly.

Offline

 

#28 2021-10-01 05:13:06 am

dbrewood
Member
From:: Manchester, UK
Registered: 2020-11-30
Posts: 41

Re: Cleaning data out of a text file?

wch1zpink wrote:

Revised:



As per previous post, I've been on holiday. Just tried this out on:

[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 23:54:51
[DoS Attack: SYN/ACK Scan] from source: 213.5.229.18, port 3306, Saturday, September 25, 2021 23:14:09
[DoS Attack: SYN/ACK Scan] from source: 23.234.229.19, port 80, Saturday, September 25, 2021 23:06:51
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 23:04:37
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 23:04:35
[DoS Attack: SYN/ACK Scan] from source: 35.186.220.63, port 80, Saturday, September 25, 2021 22:48:11
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 22:40:32
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 22:04:26
[DoS Attack: SYN/ACK Scan] from source: 104.82.149.182, port 443, Saturday, September 25, 2021 21:31:44
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 21:04:35
[DoS Attack: SYN/ACK Scan] from source: 213.186.33.2, port 443, Saturday, September 25, 2021 21:03:42
[DoS Attack: RST Scan] from source: 177.234.152.194, port 7172, Saturday, September 25, 2021 20:40:06
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 20:37:54
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 20:32:18
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 20:21:40
[DoS Attack: TCP/UDP Chargen] from source: 185.94.111.1, port 39702, Saturday, September 25, 2021 20:13:36
[DoS Attack: SYN/ACK Scan] from source: 192.124.249.107, port 443, Saturday, September 25, 2021 20:02:23
[DoS Attack: SYN/ACK Scan] from source: 198.23.200.243, port 80, Saturday, September 25, 2021 19:55:25
[DoS Attack: SYN/ACK Scan] from source: 192.124.249.107, port 443, Saturday, September 25, 2021 19:54:22
[DoS Attack: SYN/ACK Scan] from source: 23.234.229.19, port 80, Saturday, September 25, 2021 19:22:39
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 19:13:39
[DoS Attack: SYN/ACK Scan] from source: 204.74.99.100, port 80, Saturday, September 25, 2021 19:11:08
[DoS Attack: SYN/ACK Scan] from source: 192.124.249.107, port 443, Saturday, September 25, 2021 19:08:48
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 19:00:24
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 18:43:43
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 18:40:48
[DoS Attack: RST Scan] from source: 52.113.194.133, port 80, Saturday, September 25, 2021 18:38:02
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 18:36:19
[DoS Attack: SYN/ACK Scan] from source: 2.16.75.200, port 443, Saturday, September 25, 2021 18:35:17
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 18:30:39
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 18:28:35
[DoS Attack: SYN/ACK Scan] from source: 192.124.249.107, port 443, Saturday, September 25, 2021 18:21:14
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 18:13:02
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 18:07:35
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 17:58:44
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 17:44:24
[DoS Attack: ACK Scan] from source: 79.174.70.178, port 443, Saturday, September 25, 2021 17:38:10
[DoS Attack: ACK Scan] from source: 79.174.70.178, port 443, Saturday, September 25, 2021 17:26:02
[DoS Attack: SYN/ACK Scan] from source: 95.217.83.105, port 25565, Saturday, September 25, 2021 17:20:48
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 17:07:14
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 16:40:03
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 16:39:38
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 16:39:31
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 16:39:20
[DoS Attack: ACK Scan] from source: 79.174.70.178, port 443, Saturday, September 25, 2021 16:36:36
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 16:29:50
[DoS Attack: ACK Scan] from source: 45.85.218.56, port 80, Saturday, September 25, 2021 16:20:26
[DoS Attack: ACK Scan] from source: 45.85.218.56, port 80, Saturday, September 25, 2021 16:20:20
[DoS Attack: ACK Scan] from source: 79.174.70.178, port 443, Saturday, September 25, 2021 16:12:32
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 16:09:27
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 15:24:34
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 14:57:55
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 14:04:37
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 13:44:11
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 13:11:19
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 12:48:06
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 12:11:35
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 11:54:58
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 10:54:20
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 10:54:03
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 10:40:16
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 10:32:38
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 10:28:51
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 09:46:08
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 09:13:35
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 09:08:57
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 08:56:27
[DoS Attack: UDP Port Scan] from source: 103.145.13.56, port 5261, Saturday, September 25, 2021 08:36:32
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 08:29:44
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Saturday, September 25, 2021 08:23:29
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 08:05:04
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 07:50:01
[DoS Attack: SYN/ACK Scan] from source: 104.21.192.109, port 80, Saturday, September 25, 2021 07:48:14
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 07:16:36
[DoS Attack: TCP/UDP Chargen] from source: 184.105.139.77, port 54424, Saturday, September 25, 2021 07:05:27
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 06:59:32
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 06:52:48
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 06:42:45
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 06:37:06
[DoS Attack: RST Scan] from source: 204.79.197.222, port 80, Saturday, September 25, 2021 06:32:15
[DoS Attack: SYN/ACK Scan] from source: 204.79.197.222, port 80, Saturday, September 25, 2021 06:32:12
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 06:23:17
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Saturday, September 25, 2021 05:46:50
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 05:40:09
[DoS Attack: UDP Port Scan] from source: 111.40.50.89, port 17075, Saturday, September 25, 2021 05:24:32
[DoS Attack: UDP Port Scan] from source: 111.40.50.89, port 15957, Saturday, September 25, 2021 05:24:31
[DoS Attack: RST Scan] from source: 139.59.228.97, port 80, Saturday, September 25, 2021 05:14:42
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 04:57:56
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 04:33:30
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 04:05:57
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 03:30:20
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 03:23:12
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 02:40:43
[DoS Attack: SYN/ACK Scan] from source: 144.172.73.16, port 22, Saturday, September 25, 2021 01:39:05
[DoS Attack: SYN/ACK Scan] from source: 144.172.73.16, port 22, Saturday, September 25, 2021 01:36:07
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 01:31:12
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 01:24:03
[DoS Attack: SYN/ACK Scan] from source: 54.36.218.102, port 22, Saturday, September 25, 2021 01:21:43
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 01:21:37
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Saturday, September 25, 2021 01:17:34
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 01:13:03
[DoS Attack: SYN/ACK Scan] from source: 88.99.208.125, port 25565, Saturday, September 25, 2021 01:12:17
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 01:05:32
[DoS Attack: SYN/ACK Scan] from source: 134.255.220.82, port 30120, Saturday, September 25, 2021 00:41:11
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 00:34:05
[DoS Attack: SYN/ACK Scan] from source: 93.114.82.3, port 13901, Saturday, September 25, 2021 00:27:37
[DoS Attack: SYN/ACK Scan] from source: 185.19.216.119, port 8081, Saturday, September 25, 2021 00:26:52
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 00:24:40
[DoS Attack: SYN/ACK Scan] from source: 88.99.213.221, port 80, Saturday, September 25, 2021 00:16:35
[DoS Attack: ACK Scan] from source: 84.53.169.133, port 443, Saturday, September 25, 2021 00:11:21
[DoS Attack: RST Scan] from source: 23.148.145.7, port 44086, Friday, September 24, 2021 23:57:06
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 23:52:19
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 23:52:18
[DoS Attack: RST Scan] from source: 216.250.254.67, port 43676, Friday, September 24, 2021 23:48:08
[DoS Attack: RST Scan] from source: 23.148.145.233, port 47220, Friday, September 24, 2021 23:40:56
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Friday, September 24, 2021 23:24:19
[DoS Attack: RST Scan] from source: 216.250.254.67, port 41821, Friday, September 24, 2021 23:19:58
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 23:10:58
[DoS Attack: TCP/UDP Echo] from source: 141.212.123.208, port 45054, Friday, September 24, 2021 23:04:17
[DoS Attack: ACK Scan] from source: 146.0.16.243, port 80, Friday, September 24, 2021 22:33:16
[DoS Attack: SYN/ACK Scan] from source: 88.99.213.221, port 80, Friday, September 24, 2021 22:26:02
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Friday, September 24, 2021 22:22:20
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 22:13:15
[DoS Attack: SYN/ACK Scan] from source: 88.99.213.221, port 80, Friday, September 24, 2021 22:04:41
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Friday, September 24, 2021 22:02:10
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 21:44:54
[DoS Attack: RST Scan] from source: 45.234.96.30, port 21674, Friday, September 24, 2021 20:35:06
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Friday, September 24, 2021 20:26:29
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Friday, September 24, 2021 20:04:23
[DoS Attack: SYN/ACK Scan] from source: 46.105.114.88, port 25565, Friday, September 24, 2021 19:48:20
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 19:46:03
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 19:20:10
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 18:59:23
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 18:50:45
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 18:50:13
[DoS Attack: ACK Scan] from source: 73.4.169.252, port 9000, Friday, September 24, 2021 18:44:58
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 18:42:36
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 18:38:06
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 18:23:07
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 18:12:08
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 17:54:05
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 17:41:24
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Friday, September 24, 2021 17:31:45
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Friday, September 24, 2021 17:31:05
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 17:18:46
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 17:02:44
[DoS Attack: SYN/ACK Scan] from source: 162.241.216.182, port 443, Friday, September 24, 2021 17:00:41
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 16:55:59
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 16:41:05
[DoS Attack: ACK Scan] from source: 73.4.169.252, port 9000, Friday, September 24, 2021 16:38:34
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 16:38:02
[DoS Attack: SYN/ACK Scan] from source: 178.254.210.57, port 80, Friday, September 24, 2021 16:36:34
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 16:26:07
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Friday, September 24, 2021 15:58:49
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 15:54:37
[DoS Attack: TCP/UDP Chargen] from source: 176.126.175.215, port 58284, Friday, September 24, 2021 15:52:18
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 15:49:31
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 15:31:34
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 15:06:11
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 15:04:20
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 14:50:56
[DoS Attack: SYN/ACK Scan] from source: 167.233.9.51, port 80, Friday, September 24, 2021 14:48:54
[DoS Attack: RST Scan] from source: 34.120.67.236, port 443, Friday, September 24, 2021 14:45:21
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Friday, September 24, 2021 14:38:58
[DoS Attack: RST Scan] from source: 62.171.140.77, port 8000, Friday, September 24, 2021 14:37:36
[DoS Attack: ARP Attack] from source: 192.168.1.66, Friday, September 24, 2021 14:35:32
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:29
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:35:28
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:26
[DoS Attack: ARP Attack] from source: 192.168.1.66, Friday, September 24, 2021 14:35:25
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:24
[DoS Attack: ARP Attack] from source: 192.168.1.80, Friday, September 24, 2021 14:35:23
[DoS Attack: ARP Attack] from source: 192.168.1.71, Friday, September 24, 2021 14:35:22
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:19
[DoS Attack: ARP Attack] from source: 169.254.141.163, Friday, September 24, 2021 14:35:14
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:13
[DoS Attack: ARP Attack] from source: 192.168.1.80, Friday, September 24, 2021 14:35:12
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:11
[DoS Attack: ARP Attack] from source: 169.254.141.163, Friday, September 24, 2021 14:35:09
[DoS Attack: ARP Attack] from source: 192.168.1.80, Friday, September 24, 2021 14:35:08
[DoS Attack: ARP Attack] from source: 192.168.1.74, Friday, September 24, 2021 14:35:04
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:04
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:53
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:52
[DoS Attack: ARP Attack] from source: 192.168.1.200, Friday, September 24, 2021 14:34:51
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:49
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:44
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:43
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:32
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:31
[DoS Attack: ARP Attack] from source: 192.168.1.250, Friday, September 24, 2021 14:34:30
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:24
[DoS Attack: ARP Attack] from source: 192.168.1.3, Friday, September 24, 2021 14:34:23
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:22
[DoS Attack: ARP Attack] from source: 192.168.1.200, Friday, September 24, 2021 14:34:21
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:19
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:18
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:11
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:10
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:09
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:08
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:04
[DoS Attack: ARP Attack] from source: 192.168.1.67, Friday, September 24, 2021 14:34:02
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:01
[DoS Attack: ARP Attack] from source: 192.168.1.67, Friday, September 24, 2021 14:34:00
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:33:59
[DoS Attack: ARP Attack] from source: 192.168.1.67, Friday, September 24, 2021 14:33:56
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:33:54
[DoS Attack: ARP Attack] from source: 192.168.1.75, Friday, September 24, 2021 14:33:53
[DoS Attack: RST Scan] from source: 104.82.149.182, port 443, Friday, September 24, 2021 14:33:31

Worked great but left a stray 'n' on the first line of the output, i.e.

n
2.16.75.200
23.148.145.233

Last edited by dbrewood (2021-10-01 05:13:25 am)

Offline

 

#29 2021-10-01 08:21:05 am

wch1zpink
Member
Registered: 2011-08-20
Posts: 69

Re: Cleaning data out of a text file?

dbrewood wrote:
wch1zpink wrote:

Revised:

Worked great but left a stray 'n' on the first line of the output, i.e.

n
2.16.75.200
23.148.145.233



Just needed to remove the "-n" option from the "echo" command.


Applescript:

property stripText : " | cut -d' ' -f7 | tr -d ',' | egrep -v 'source'"
property logFileName : "Logged IPs.txt"

on open of theFiles -- Handles single or multiple dropped files
   set oldClipboard to the clipboard
   repeat with aFile in theFiles
       tell application "Finder" to set sourceFilePath to container of aFile as alias
       set cleanedText to do shell script "cat " & ¬
           quoted form of POSIX path of aFile & stripText
       do shell script "echo " & quoted form of cleanedText & " >> " & ¬
           quoted form of POSIX path of sourceFilePath & quoted form of logFileName
   end repeat
   set AppleScript's text item delimiters to linefeed
   set theContentWords to words of ¬
       (read POSIX path of sourceFilePath & logFileName) as text
   set the clipboard to theContentWords
   do shell script "pbpaste | sort -n | uniq > " & ¬
       quoted form of POSIX path of sourceFilePath & quoted form of logFileName
   set the clipboard to oldClipboard
end open

Offline

 

#30 2021-10-01 10:25:39 am

dbrewood
Member
From:: Manchester, UK
Registered: 2020-11-30
Posts: 41

Re: Cleaning data out of a text file?

Ah ha that did indeed fix it. Many thanks!

Offline

 

#31 2021-10-01 03:47:40 pm

peavine
Member
From:: Prescott, Arizona
Registered: 2018-09-04
Posts: 1133

Re: Cleaning data out of a text file?

Marc Anthony wrote:

This is unlikely to be as fast as the delimiter method, but I like regex for this.

For single files:

Applescript:

do shell script "echo " & my (read (choose file))'s quoted form & " | egrep -o '(\\d{1,3}[.]?){4}' | sort -h | uniq >> " & ((path to desktop as text) & "IP.txt")'s POSIX path's quoted form



I mentioned above that I'm learning regular expressions, so I had a look at Marc Anthony's script for that reason. It correctly returns the IP addresses, but it appears to return every other number that contains 4 or more digits.

I rewrote the regular expression, and it seemed to work as desired. It was also the fastest of the working suggestions.

Applescript:

do shell script "echo " & my (read (choose file))'s quoted form & " | egrep -o '(\\d{1,3}\\.){3}\\d{1,3}' | sort -h | uniq >> " & ((path to desktop as text) & "IP.txt")'s POSIX path's quoted form

Last edited by peavine (2021-10-01 07:40:21 pm)


2018 Mac mini - macOS Monterey - Script Debugger 8

Offline

 

#32 2021-10-01 05:58:06 pm

Mockman
Member
From:: Toronto
Registered: 2020-05-27
Posts: 150

Re: Cleaning data out of a text file?

If you search for 'regex ip address' or stuff like that, you'll find many pages that discuss this. While the regex used here works generally, it won't exclude incorrect addresses (e.g. those with number sets > 255) but that doesn't look like it would be an issue here and it is less complex than those that do incorporate that constraint.

Offline

 

#33 2021-10-02 07:13:49 am

Marc Anthony
Member
From:: Dallas, TX
Registered: 2006-04-27
Posts: 1052

Re: Cleaning data out of a text file?

peavine wrote:



I mentioned above that I'm learning regular expressions, so I had a look at Marc Anthony's script for that reason. It correctly returns the IP addresses, but it appears to return every other number that contains 4 or more digits.



I originally posted a correctly working regex, edited it to shorten the pattern, realized the error after supplemental testing, and changed it back shortly after. smile You captured the code in flux.

peavine wrote:


It was also the fastest of the working suggestions.



That's a little surprising, as TIDs tend to be very speedy, but... woohoo!  Chalk one one up for shell scripting.

Last edited by Marc Anthony (2021-10-02 07:19:34 am)

Offline

 

#34 2021-11-17 02:33:17 am

dbrewood
Member
From:: Manchester, UK
Registered: 2020-11-30
Posts: 41

Re: Cleaning data out of a text file?

Guys the script(s) are working well.

I'm submitting the IP's which are attacking and it is working well. However I'm told that some of them are duplicates of those already on the master list of IP's. So would it be possible for the script to access another list of IPs and remove any that are already on that list?

Thanks in advance for any thoughts. Oh if it helps the preferred script I'm using is this one (as it avoids conflicts with Bitdefender):

Applescript:

use framework "Foundation"
use scripting additions

on open theDroppedItems
   set theFile to POSIX path of item 1 of theDroppedItems
   set theIPFile to getFileName(theFile)
   set theText to (current application's NSString's stringWithContentsOfFile:theFile encoding:(current application's NSUTF8StringEncoding) |error|:(missing value))
   set theIPData to getIPData(theText)
   (current application's NSString's stringWithString:theIPData)'s writeToFile:theIPFile atomically:true encoding:(current application's NSUTF8StringEncoding) |error|:(missing value)
end open

on getIPData(theText)
   set regExPattern to "[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"
   set theRegEx to current application's NSRegularExpression's regularExpressionWithPattern:regExPattern options:0 |error|:(missing value)
   set regExMatches to theRegEx's matchesInString:theText options:0 range:{location:0, |length|:theText's |length|()}
   
   set ipList to {}
   repeat with anItem in regExMatches
       set end of ipList to (theText's substringWithRange:(anItem's range())) as text
   end repeat
   
   set ipSet to current application's NSOrderedSet's orderedSetWithArray:ipList
   set ipSortedArray to ipSet's array()'s sortedArrayUsingSelector:"localizedStandardCompare:"
   
   return ((ipSortedArray's componentsJoinedByString:linefeed) as text)
end getIPData

on getFileName(theFile)
   set theFile to current application's NSString's stringWithString:theFile
   set fileBase to theFile's stringByDeletingPathExtension()
   set fileExtension to theFile's pathExtension()
   return ((fileBase's stringByAppendingString:"_IP_CLEANED")'s stringByAppendingPathExtension:fileExtension)
end getFileName

Last edited by dbrewood (2021-11-17 03:26:11 am)

Offline

 

#35 2021-11-17 06:25:51 am

KniazidisR
Member
From:: Greece
Registered: 2019-03-03
Posts: 2154

Re: Cleaning data out of a text file?

To do this, you'd better write the filtering results of each text not to some new file, but to the existing properties list (.plist) of your script (application). This will change the script itself a lot. There are enough users here who can help with this. I have no time now.

Other choice is: use one persistent text file for filtering results (that is, the name and location hard-coded). When dropping the unfiltered text file on your droplet, it should firstly read contents of persistent text file into the oldIPs list variable, then append only new non-duplicate IPs to oldIPs, then sort,  then write the updated list back to the persistent text file. This will change the script itself a lot as well. I have no time now.

Last edited by KniazidisR (2021-11-17 06:49:59 am)


Model: MacBook Pro
OS X: Catalina 10.15.7
Web Browser: Safari 14.1
Ram: 4 GB

Offline

 

#36 2021-11-17 06:56:51 am

dbrewood
Member
From:: Manchester, UK
Registered: 2020-11-30
Posts: 41

Re: Cleaning data out of a text file?

Understood. The second option would be preferred I guess as I do keep a copy of the master list in the same location.

Any help from anyone would be appreciated. smile

Offline

 

#37 2021-11-17 07:19:39 am

KniazidisR
Member
From:: Greece
Registered: 2019-03-03
Posts: 2154

Re: Cleaning data out of a text file?

I think, code in the post #14 is what you asked for just now


Model: MacBook Pro
OS X: Catalina 10.15.7
Web Browser: Safari 14.1
Ram: 4 GB

Offline

 

#38 2021-11-17 08:09:01 am

dbrewood
Member
From:: Manchester, UK
Registered: 2020-11-30
Posts: 41

Re: Cleaning data out of a text file?

I think I misread what the second option was. The master (deny) IP list is not maintained by myself but a third party. That list is updated weekly (if not daily) with all the IPs that need to be blocked on a Synology (or similar) NAS.

What I'm now looking to do is to download the latest incarnation of that list and then process my IP list from my Orbi router, remove the duplicates and sort it (as we do now) and then open the third party deny list and remove any IP addresses which are already in the master deny list.

That way any IPs I submit are only those that are new and need including in the master list. This way the author of the master deny list does not have to check all my submissions manually where a great number may be duplicated. As an example last week I submitted 25 IPs for blocking and all 25 it turns out were already on the list.

Offline

 

#39 2021-11-17 09:07:35 am

peavine
Member
From:: Prescott, Arizona
Registered: 2018-09-04
Posts: 1133

Re: Cleaning data out of a text file?

dbrewood. I've modified my script to work as you want. The script prompts for the IP deny list, which seems a bit awkward, but the actual path can be placed in the script instead. The IP deny list has to be paragraph-separated text of IP addresses only. I tested the script and it worked without issue.

Applescript:

use framework "Foundation"
use scripting additions

on open theDroppedItems
   set theFile to POSIX path of item 1 of theDroppedItems
   set theExistingFile to POSIX path of (choose file)
   set theIPFile to getFileName(theFile)
   
   set theText to (current application's NSString's stringWithContentsOfFile:theFile encoding:(current application's NSUTF8StringEncoding) |error|:(missing value))
   set theExistingText to (current application's NSString's stringWithContentsOfFile:theExistingFile encoding:(current application's NSUTF8StringEncoding) |error|:(missing value))
   set theIPData to getIPData(theText, theExistingText)
   
   (current application's NSString's stringWithString:theIPData)'s writeToFile:theIPFile atomically:true encoding:(current application's NSUTF8StringEncoding) |error|:(missing value)
end open

on getIPData(theText, theExistingText)
   set regExPattern to "[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"
   set theRegEx to current application's NSRegularExpression's regularExpressionWithPattern:regExPattern options:0 |error|:(missing value)
   set regExMatches to theRegEx's matchesInString:theText options:0 range:{location:0, |length|:theText's |length|()}
   
   set ipSet to current application's NSMutableSet's new()
   repeat with anItem in regExMatches
       (ipSet's addObject:(theText's substringWithRange:(anItem's range())))
   end repeat
   
   set ipExistingArray to (theExistingText's componentsSeparatedByCharactersInSet:(current application's NSCharacterSet's newlineCharacterSet()))
   set ipExistingSet to current application's NSSet's setWithArray:ipExistingArray
   
   ipSet's minusSet:ipExistingSet
   set ipSortedArray to ipSet's allObjects()'s sortedArrayUsingSelector:"localizedStandardCompare:"
   return ((ipSortedArray's componentsJoinedByString:linefeed) as text)
end getIPData

on getFileName(theFile)
   set theFile to current application's NSString's stringWithString:theFile
   set fileBase to theFile's stringByDeletingPathExtension()
   set fileExtension to theFile's pathExtension()
   return ((fileBase's stringByAppendingString:"_IP_CLEANED")'s stringByAppendingPathExtension:fileExtension)
end getFileName

Last edited by peavine (2021-11-19 08:01:24 am)


2018 Mac mini - macOS Monterey - Script Debugger 8

Offline

 

#40 2021-11-17 09:22:28 am

dbrewood
Member
From:: Manchester, UK
Registered: 2020-11-30
Posts: 41

Re: Cleaning data out of a text file?

Wow! That is totally awesome and does indeed look to do what is needed. I'll not know for sure until I run it with real data, but on test data I just threw together it looked to work perfectly!

If I do want to hard code the path for the third party deny list:

"/Users/dbrewood/OneDrive/NAS/Deny List/deny-ip-list.txt"

Where exactly would I make the changes? (Sorry I can't work out which variable I'd need to set).

Thanks again to everyone involved in this.

Offline

 

#41 2021-11-17 09:25:55 am

peavine
Member
From:: Prescott, Arizona
Registered: 2018-09-04
Posts: 1133

Re: Cleaning data out of a text file?

In my script, delete the first line below and insert the second line below.

Applescript:

set theExistingFile to POSIX path of (choose file)
set theExistingFile to "/Users/dbrewood/OneDrive/NAS/Deny List/deny-ip-list.txt"


2018 Mac mini - macOS Monterey - Script Debugger 8

Offline

 

#42 2021-11-17 09:31:25 am

dbrewood
Member
From:: Manchester, UK
Registered: 2020-11-30
Posts: 41

Re: Cleaning data out of a text file?

Absolutely superb, worked wonderfully well on my test data. Many many thanks.

This should save a lot of work for both myself and the script maintainer!

Offline

 

Board footer

Powered by FluxBB

RSS (new topics) RSS (active topics)