BelAlMo2/SSH-Log-Analyzer


SSH Log Analyzer (Brute-Force Detector)

A Python script designed for SOC Analysts to quickly parse Linux auth.log files, extract suspicious IP addresses attempting SSH brute-force attacks, and export the results for firewall blocking.

Features

  • Regex-based Parsing: Accurately extracts IPv4 addresses.
  • Frequency Analysis: Counts failed login attempts per IP address and sorts them in descending order.
  • Automated Reporting: Outputs a clear table to the console and exports a suspicious_ips.txt file for SIEM/Firewall integration.

Usage

Simply run the script in the same directory as your log file: python log_analyzer.py
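
The parsing, counting and export steps listed under Features could look like the sketch below. It is an added example, not the repository's log_analyzer.py. The log lines are constructed, and the function names and the threshold parameter are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Anchored to the end of the sshd message: a crafted username such as
# "x from 192.0.2.99 port 22 ssh2" cannot substitute its own address.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?.* "
    r"from (\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2\s*$"
)
# Constructed sample lines (documentation address ranges), not real log data.
SAMPLE_LOG = """\
Mar  3 10:01:11 web1 sshd[2211]: Failed password for root from 203.0.113.7 port 40122 ssh2
Mar  3 10:01:13 web1 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Mar  3 10:01:15 web1 sshd[2213]: Failed password for root from 203.0.113.7 port 40130 ssh2
Mar  3 10:02:01 web1 sshd[2250]: Accepted password for deploy from 192.0.2.10 port 50514 ssh2
Mar  3 10:02:40 web1 sshd[2301]: Failed password for invalid user x from 192.0.2.99 port 22 ssh2 from 198.51.100.23 port 51002 ssh2
Mar  3 10:02:44 web1 sshd[2301]: Failed password for root from 198.51.100.23 port 51002 ssh2
Mar  3 10:03:02 web1 sshd[2213]: Failed password for root from 203.0.113.7 port 40130 ssh2
Mar  3 10:03:05 web1 CRON[2310]: pam_unix(cron:session): session opened for user root
"""

def count_failed_logins(lines):
    """Return [(ip, failures), ...] sorted by failure count, highest first."""
    counts = Counter()
    for line in lines:
        m = FAILED.search(line)
        if not m:
            continue  # accepted logins, other daemons, unrelated sshd messages
        try:
            ip = ipaddress.IPv4Address(m.group(1))  # rejects e.g. 999.1.1.1
        except ValueError:
            continue
        counts[str(ip)] += 1
    return counts.most_common()

def suspicious_ips(lines, threshold=3):
    # threshold is a hypothetical cut-off, not a value taken from the project.
    return [ip for ip, n in count_failed_logins(lines) if n >= threshold]

def write_blocklist(ips, path="suspicious_ips.txt"):
    with open(path, "w", encoding="utf-8") as fh:
        fh.writelines(ip + "\n" for ip in ips)

if __name__ == "__main__":
    for ip, n in count_failed_logins(SAMPLE_LOG.splitlines()):
        print(f"{ip:<15} {n}")
    write_blocklist(suspicious_ips(SAMPLE_LOG.splitlines()))
```

A pattern that takes the first IPv4 address on the line would attribute the crafted-username entry to 192.0.2.99, which is why the address is matched at the end of the message.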
