hardest week yet: some guidence please

[raymond2688]

I am trying to get just the user name that is between invalid user and from the following code is what i have

with open("auth.log.1") as auth_log:
    for line in auth_log:
        if "Failed password" in line:
            start = line.find("invalid user")
            end = line.find(" from")
            name = line[start:end]
            print("{}".format(name))

I think this is my problem because it prints out "invalid user" and the user name

 start = line.find("invalid user")

I want it to start with the space after the r in user. Any help would be greatly appreciated. Thank you in advance

---

This is my output

Output:
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root
invalid user root

[ichabod801]

The find method returns the start of the substring in the string. So your start variable is set to the beginning of the word 'user', that is, to the 'u'. You want to add five to it so your slice skips over the word 'user' and the space after it.

[raymond2688]

The find method returns the start of the substring in the string. So your start variable is set to the beginning of the word 'user', that is, to the 'u'. You want to add five to it so your slice skips over the word 'user' and the space after it.

I tried this which is what I think you mean

 start = line.find("invalid user"[5:])

But it only takes out inval
I can only go up to 9 then it changes everything from

Output:
id user root
id user root
id user root
id user root
id user root
id user root
id user root
id user root
id user roo

to this

Output:
er sshd[6488]: Failed password for invalid user root
er sshd[6490]: Failed password for invalid user root
er sshd[6490]: message repeated 2 times: [ Failed password for invalid user root
er sshd[6492]: Failed password for invalid user root
er sshd[6488]: message repeated 5 times: [ Failed password for invalid user root
er sshd[6492]: message repeated 2 times: [ Failed password for invalid user root
er sshd[6494]: Failed password for invalid user root
er sshd[6496]: Failed password for invalid user root
er sshd[6494]: message repeated 2 times: [ Failed password for invalid user root
er sshd[6501]: Failed password for invalid user root
er sshd[6496]: message repeated 5 times: [ Failed password for invalid user root
er sshd[6503]: Failed password for invalid user root
er sshd[6501]: message repeated 2 times: [ Failed password for invalid user root

[ichabod801]

Just add five to start. Don't slice something else. Add five to start. And that's assuming you are searching for 'user', so you need 5 characters to get past 'user '. If you are going to change the string you are searching for to 'Invalid user', you need to account for the extra length of that string. So you would need to add 13 to start. Note that if you were to slice 'Invalid user' by 13, you would get nothing. That's why you don't do that.

[raymond2688]

Just add five to start. Don't slice something else. Add five to start. And that's assuming you are searching for 'user', so you need 5 characters to get past 'user '. If you are going to change the string you are searching for to 'Invalid user', you need to account for the extra length of that string. So you would need to add 13 to start. Note that if you were to slice 'Invalid user' by 13, you would get nothing. That's why you don't do that.

I know that is what I need to do I just cant figure out were it goes

start = line.find("invalid user")

I have tried it in many different places in the code

[jefsummers]

start = line.find("invalid user")+13

Add 13 which is the length of "invalid user " (including the space)

[raymond2688]

start = line.find("invalid user")+13

Add 13 which is the length of "invalid user " (including the space)

about the only thing i did not try......I was putting every attempt into []

Thank you very much

[raymond2688]

I am on step 4 now.
I think I am doing pretty good but I have a couple issues. I am uncertain if it is actually removing dupes but keeping count of number of times a user name attempts to log in.

My other issue is my print string is wrong and I cant figure out how to make the first {} my count and second {} the user name. I am certain it is in my format

intruder_log = {}

with open("auth.log.1") as auth_log:

    for line in auth_log:
        if "Failed password" in line:
            start = line.find("invalid user")
            end = line.find(" from")
            name = line[start + 13:end]
        
            if name in intruder_log:
                intruder_log[name] += 1
            else:
                intruder_log[name] = 1

            for key in intruder_log:
                print("Attackers tried {} times to log in as {}".format, key["name"])

[ndc85430]

First, you're printing the format method, not calling it. When you do call it, it takes multiple arguments, in the same order as the placeholders, e.g.

>>> "{} {} {}".format("foo", "bar", "baz")
'foo bar baz'
>>> 

Also, key will be assigned the values of the keys in the dict, so the expression key["name"] doesn't make any sense.

[raymond2688]

I get that now but that leeds to my other issue is my code counting how many time a user name is used.

First, you're printing the format method, not calling it. When you do call it, it takes multiple arguments, in the same order as the placeholders, e.g.

>>> "{} {} {}".format("foo", "bar", "baz")
'foo bar baz'
>>> 

Also, key will be assigned the values of the keys in the dict, so the expression key["name"] doesn't make any sense.

So I am thinking that my print statement should look like this with the exception that i need 2 keys or values 1 being the name the other number of attempts but I cant call for the number of attempts because I think it is not counting

            for key in intruder_log:
                print("Attackers tried {} times to log in as {}".format("name"))# i need to add my second {}