Skip to content
/ PythonForCybersecurity_Part2 Public

Efficiently parse and analyze network log files using Python’s native split() and strip() methods to extract unique IP addresses and their accessed ports. This project demonstrates clean, fast log processing techniques essential for cybersecurity monitoring and threat detection.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

vaibhavi-tilak/PythonForCybersecurity_Part2

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
Logfile.txt
Logfile.txt
 
 
PythonForCybersecurity_Part2.ipynb
PythonForCybersecurity_Part2.ipynb
 
 
README.md
README.md
 
 

Repository files navigation

Cybersecurity with Python - Part 2: Parsing Network Logs in Python Using Split & Strip (Clean and Fast)

This project demonstrates how to efficiently parse network log files using Python’s native string operations. You will learn how to read log files line by line, extract and store key data, and summarize network activity by identifying unique IP addresses and the ports they access.

Introduction

Analyzing network logs is crucial for identifying security threats, monitoring system performance, and troubleshooting network issues. Python provides simple and fast methods for reading and processing log files.

This tutorial covers:

  • Reading a text log file line by line
  • Parsing log data using strip() and split()
  • Storing parsed data in sets and dictionaries
  • Extracting unique IP addresses and their accessed ports

Log File Format

Each log line is expected to have:

  • An IP address
  • A port number
  • Additional optional message or metadata

Example:


192.168.1.10 80 Connection accepted

Parsing Implementation



## Open and read log file

with open("Logfile.txt", "r") as file:
logs = file.readlines()

unique_ips = set()
ip_port_map = {}

## Loop through each log line

for line in logs:
parts = line.strip().split()  \# Split the line by whitespace
if len(parts) >= 2:  \# Ensure IP and port are present
ip = parts
port = parts
unique_ips.add(ip)  \# Store unique IPs
ip_port_map.setdefault(ip, set()).add(port)  \# Map ports to IPs

## Display Unique IP Addresses

print("Unique IP Addresses:")
for ip in sorted(unique_ips):
print(ip)

## Display Unique IP Addresses with Ports

print("\nUnique IP Addresses with Ports:")
for ip, ports in ip_port_map.items():
port_list = ', '.join(sorted(ports))
print(f"{ip} -> Ports: {port_list}")

Why Use split() and strip()?

  • strip() removes leading/trailing whitespace and newline characters, cleaning each line.
  • split() breaks the line into components based on spaces, enabling easy extraction of IPs and ports.
  • These native string methods are fast and efficient for well-structured logs and offer simpler implementation than regular expressions.

Conclusion

Using Python's native string methods allows clean, fast parsing of network logs. This technique enables extraction of key network information like unique IPs and accessed ports, foundational for cybersecurity monitoring and threat detection.

Next Steps

Upcoming tutorials will explore advanced log parsing techniques including regex and automated threat detection.

Happy Coding,
Vai (Vaibhavi)

About

Efficiently parse and analyze network log files using Python’s native split() and strip() methods to extract unique IP addresses and their accessed ports. This project demonstrates clean, fast log processing techniques essential for cybersecurity monitoring and threat detection.

Topics

split port strip ipaddresses networklogs

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages