import re
from collections import Counter
# Detection table: each key is a regular expression and each value is the
# finding message tallied when a log line matches that expression.
# Insertion order is the order in which findings are first recorded.
#
# NOTE(review): the keys carry no anchors or word boundaries, so the short
# ones ("root", "exec", "delete") also match inside longer tokens. Treat
# their counts as triage leads, not as confirmed events.
SUSPICIOUS_PATTERNS = {
    # Authentication problems
    r"failed password": "Failed login attempt detected.",
    r"authentication failure": "Authentication failure detected.",
    # Privileged account and command activity
    r"root": "Root access attempt detected.",
    r"exec": "Execution of commands detected.",
    # Destructive or unauthorised operations
    r"delete": "Delete operation detected.",
    r"unauthorized access": "Unauthorized access attempt detected.",
}
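def analyze_log(file_path):
    """Count the log lines that match each entry in SUSPICIOUS_PATTERNS.

    Every line is tested against every pattern with a case-insensitive
    search, so a line is counted once per pattern it matches and can
    contribute to several findings. Patterns are searched anywhere in the
    line, which means a short pattern also matches inside longer words;
    read the counts as leads to triage rather than confirmed events.

    Args:
        file_path: Path of the text log file to scan.

    Returns:
        A ``collections.Counter`` mapping each finding message to the number
        of lines that matched its pattern. Empty when nothing matched.

    Raises:
        OSError: If the file cannot be opened or read.
    """
    # Compile each pattern once instead of passing the raw string to
    # re.search for every line of the file.
    compiled = [
        (re.compile(pattern, re.IGNORECASE), message)
        for pattern, message in SUSPICIOUS_PATTERNS.items()
    ]
    findings = Counter()
    # Log lines can contain bytes supplied by whoever triggered the event.
    # errors="replace" keeps one undecodable byte from aborting the whole
    # scan with UnicodeDecodeError; the platform default encoding is kept.
    with open(file_path, "r", errors="replace") as file:
        # Iterate the handle directly so a large log is streamed rather than
        # loaded into memory in one piece.
        for line in file:
            for regex, message in compiled:
                if regex.search(line):
                    findings[message] += 1
    return findings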
def display_findings(findings):
    """Print a summary of the analysis results to standard output.

    Args:
        findings: Mapping of finding message to match count, as returned by
            ``analyze_log``. An empty mapping prints a "nothing found" line.
    """
    print("\n--- Log Analysis Findings ---")
    # Guard clause: nothing matched, so report that and stop.
    if not findings:
        print("No suspicious activities detected.")
        return
    for label, hits in findings.items():
        print(f"{label}: {hits} times")
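if __name__ == "__main__":
    # Script entry point: ask for a log path, scan it, print the summary.
    log_file_path = input("Enter the path to the log file: ")
    try:
        findings = analyze_log(log_file_path)
    except OSError as exc:
        # A missing, unreadable or directory path is an operator error, not
        # a program fault: report it on stderr and exit non-zero instead of
        # dumping a traceback.
        raise SystemExit(f"Cannot read log file {log_file_path!r}: {exc}")
    display_findings(findings)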