Python Forum
time difference bettwenn logs
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
time difference bettwenn logs
#11
If we assume this log file:
Output:
<150>Nov 7 07:38:00 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57418 -> 17.57.172.11:443 (TCP) close connection <150>Nov 7 07:39:10 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57422 -> 17.57.172.11:443 (TCP) <150>Nov 7 07:44:00 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57423 -> 17.57.172.11:443 (TCP) <150>Nov 7 07:46:20 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57424 -> 17.57.13.65:443 (TCP) <150>Nov 7 07:48:30 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57425 -> 17.57.13.65:443 (TCP) <150>Nov 7 07:50:10 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57426 -> 17.57.13.65:443 (TCP) <150>Nov 7 07:55:10 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57427 -> 17.57.172.11:443 (TCP) <150>Nov 7 08:01:00 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57428 -> 17.57.13.65:443 (TCP) <150>Nov 7 08:06:00 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57429 -> 17.57.13.65:443 (TCP) <150>Nov 7 08:08:30 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57430 -> 17.57.13.65:443 (TCP) <150>Nov 7 08:10:55 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57431 -> 96.17.179.45:443 (TCP) <150>Nov 7 08:15:00 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57432 -> 17.57.13.65:443 (TCP) <150>Nov 7 08:22:25 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57427 -> 17.57.172.11:443 (TCP) close connection <150>Nov 7 08:27:00 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57433 -> 17.188.182.68:443 (TCP) <150>Nov 7 08:35:45 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57434 -> 17.57.146.88:5223 (TCP) <150>Nov 7 08:38:00 DrayTek: Local User (MAC=B0-8C-75-C0-FF-8F): 172.16.91.7:57435 -> 17.248.211.69:443 (TCP)
... (which I've simply adapted from the one posted) and use this modified script:
from datetime import datetime, timedelta

time_stack = []

with open("log2", mode="r", encoding="UTF-8") as log:
    for entry, item in enumerate(log, 1):
        time_str = item[12:20]
        time_stamp = datetime.strptime(time_str, '%H:%M:%S')
        time_stack.append(time_stamp)
        if len(time_stack) > 1:
            diff = time_stack[1] - time_stack[0]
            if diff >= timedelta(seconds=300):
                print(f"{entry:02d}:~", time_str, diff)
            time_stack.pop(0)
        else:
            print(f"{entry:02d}:~ Start", time_str)
... we get this report:

Output:
01:~ Start 07:38:00 07:~ 07:55:10 0:05:00 08:~ 08:01:00 0:05:50 09:~ 08:06:00 0:05:00 13:~ 08:22:25 0:07:25 15:~ 08:35:45 0:08:45
... which shows only entries that have a time difference of five minutes or more (5 minutes = 300 seconds).

Is that what you're looking for?
enkliy likes this post
Sig:
>>> import this

The UNIX philosophy: "Do one thing, and do it well."

"The danger of computers becoming like humans is not as great as the danger of humans becoming like computers." :~ Konrad Zuse

"Everything should be made as simple as possible, but not simpler." :~ Albert Einstein
Reply


Messages In This Thread
time difference bettwenn logs - by enkliy - Nov-20-2023, 09:25 AM
RE: time difference bettwenn logs - by snippsat - Nov-20-2023, 10:32 AM
RE: time difference bettwenn logs - by rob101 - Nov-20-2023, 11:33 AM
RE: time difference bettwenn logs - by enkliy - Nov-20-2023, 01:18 PM
RE: time difference bettwenn logs - by deanhystad - Nov-20-2023, 08:43 PM
RE: time difference bettwenn logs - by Larz60+ - Nov-21-2023, 10:32 AM
RE: time difference bettwenn logs - by Pedroski55 - Nov-21-2023, 11:04 AM
RE: time difference bettwenn logs - by enkliy - Nov-21-2023, 02:05 PM
RE: time difference bettwenn logs - by rob101 - Nov-21-2023, 02:26 PM
RE: time difference bettwenn logs - by enkliy - Nov-21-2023, 02:41 PM
RE: time difference bettwenn logs - by rob101 - Nov-21-2023, 03:00 PM
RE: time difference bettwenn logs - by enkliy - Nov-21-2023, 03:36 PM
RE: time difference bettwenn logs - by rob101 - Nov-21-2023, 03:39 PM
RE: time difference bettwenn logs - by deanhystad - Nov-21-2023, 04:43 PM
RE: time difference bettwenn logs - by rob101 - Nov-21-2023, 04:51 PM

Possibly Related Threads…
Thread Author Replies Views Last Post
  Hard time trying to figure out the difference between two strings carecavoador 2 755 Aug-16-2023, 04:53 PM
Last Post: carecavoador
  Sum up Time difference tester_V 10 2,846 Apr-06-2023, 06:54 AM
Last Post: Gribouillis
  Bot refuses to count logs. M1racle 0 1,305 Dec-13-2021, 06:42 PM
Last Post: M1racle
  Get Azure activity logs using python script raham3406 4 3,681 Apr-27-2021, 05:10 AM
Last Post: raham3406
  How to get indices of minimum time difference Mekala 1 2,229 Nov-10-2020, 11:09 PM
Last Post: deanhystad
  How to calculate time difference between each row of dataframe in seconds Mekala 1 2,667 Jul-16-2020, 12:57 PM
Last Post: Larz60+
  python realtime parsing logs anna 2 2,972 Jul-05-2020, 06:36 AM
Last Post: anna
  capture logs on specific port anna 1 1,818 Jun-27-2019, 03:47 PM
Last Post: Larz60+
  Correlation of Incidents using time difference Rajhesh 1 1,894 Jun-27-2019, 03:44 PM
Last Post: Larz60+
  Time Difference in Epoch Microseconds then convert to human readable firesh 4 11,756 Feb-27-2018, 09:08 AM
Last Post: firesh

Forum Jump:

User Panel Messages

Announcements
Announcement #1 8/1/2020
Announcement #2 8/2/2020
Announcement #3 8/6/2020