Home>

PHP, you must pull out the data from the logs and write to the database.

Log format:

127.0.0.1 ---[21 /Mar /2019: 00: 20: 06 +0300] "Get /favicon/favicon-32.png HTTP /1.1" 200 1306 "http: //modimio.loc/icms/catalog/catalog_edit? id= 4" "" Mozilla /5.0 (x11; linux x86_64) AppleWebKit /537.36 (KHTML, LIKE GECKO) Chrome /73.0.3683.75 Safari /537.36 "

176.59.213.125 --[22 /Mar /2019: 06: 10: 33 +0300] "Get /resize/?pic=..%2FUPLOAD%2FICMS%2Fimages%2FCatalog%2Fcatalog_1_.jpg& w= 200 & H= 274 & TP= 1 HTTP /1.1 "200 78134" https://modimio.ru/store "" Mozilla /5.0 (iPhone; CPU iPhone OS 10_3_3 Like Mac OS X) AppleWebKit /603.3.8 (Khtml, Like Gecko) Version /10.0 Mobile /14G60 Safari /602.1 "

83.146.108.57 ---[22 /Mar /2019: 06: 11: 28 +0300] "Get /resize/?pic=..%2FUPLOAD%2FICMS%2Fimages%2Fcatalog%2FpDF_CATALOG_51.jpg& w= 224 & H= 306 & tp= 1 http /1.1 "200 100707" https://modimio.ru/store/nashi_tanki/51-nashi_tanki_9_pt_76b "" "Mozilla /5.0 (Windows NT 6.1; WoW64; Trident /7.0; RV: 11.0) Like Gecko"

What you need to pars

• IP address

• Date /query time

• URL

• User-Agent

Inside User-Agent, you also need to paint:

• Operating system

• Architecture (x86 or x64)

• Browser

Partially already something saws:

$ Time= '(? <
Time >
\ b (?= \ d +: \ d) ((? :(?: 2 [0-3] | [0-1]? [0-9]): (?= \ d \ d))? (? : [0-5]? [0-9] :)? [0-5] [0-9]) \ b) /';
$ date= '/(? <
Date >
\ d {2} \ /\ w {3} \ /\ d {4}) /';
$ url= '/(? <
URL >
(?: http: | https :) \ /\ /.+? (?= ")) /";
$ useragent= '/"{1,3} (? P <
UseRAGENT >
[^ "] *)" $ /';

stuck on the Agent Youse, help pull out the data, in regular Yun regularities ( It turned out to pull the entire line with the user agent but I can not figure out how to smash it.

  • Answer # 1

    Instead of pulling from the line to one entity, pull everything together. All fields are separated by a space symbol and plus have different framing characters.

    $ RE= '(? <
    IP >
    [0-9.] +) \ S + \ -\ s + \ -\ s \ [(? ≪
    Date >
    [^ \]] +) \] \ s "(? <
    Request >
    [^ "] +)" \ s (? <
    Code >
    \ D +) \ s + (? <
    Size >
    \ D +) \ s "(? <
    URL >
    [^ "] +)" \ s "(? <
    UseRAGENT >
    [^ "] +)" /m ';
    $ str= '127.0.0.1 --[21 /mar /2019: 00: 20: 06 +0300] "Get /favicon/favicon-32.png http /1.1" 200 1306 "http: //modimio.loc/iCMS /catalog /catalog_edit? id= 4 "" Mozilla /5.0 (X11; Linux x86_64) AppleWebKit /537.36 (KHTML, LIKE GECKO) Chrome /73.0.3683.75 Safari /537.36 "
    176.59.213.125 ---[22 /Mar /2019: 06: 10: 33 +0300] "Get /resize/?pic=..%2FUPLoad%2Ficms%2Fimages%2FCatalog%2Fcatalog_1__.jpg&
    w= 200 &
    H= 274 &
    TP= 1 HTTP /1.1 "200 78134" https://modimio.ru/store "" Mozilla /5.0 (iPhone; CPU iPhone OS 10_3_3 Like Mac OS X) AppleWebKit /603.3.8 (Khtml, Like Gecko) Version /10.0 Mobile /14G60 Safari /602.1 "
    83.146.108.57 ---[22 /Mar /2019: 06: 11: 28 +0300] "Get /resize/?pic=..%2FIpload%2Ficms%2Fimages%2Fcatalog%2FpDF_CATALOG_51.jpg&
    w= 224 &
    H= 306 &
    TP= 1 http /1.1 "200 100707" https://modimio.ru/store/nashi_tanki/51-nashi_tanki_9_pt_76b "" Mozilla /5.0 (Windows NT 6.1; WOW64; TRIDENT /7.0; RV: 11.0) Like Gecko "";
    preg_match_all ($ re, $ str, $ matches, preg_set_Order, 0);
    //Print The Entire Match Result
    VAR_DUMP ($ Matches);
    
  • Answer # 2

    Instead of pulling from the line to one entity, pull everything together. All fields are separated by a space symbol and plus have different framing characters.

    $ RE= '(? <
    IP >
    [0-9.] +) \ S + \ -\ s + \ -\ s \ [(? ≪
    Date >
    [^ \]] +) \] \ s "(? <
    Request >
    [^ "] +)" \ s (? <
    Code >
    \ D +) \ s + (? <
    Size >
    \ D +) \ s "(? <
    URL >
    [^ "] +)" \ s "(? <
    UseRAGENT >
    [^ "] +)" /m ';
    $ str= '127.0.0.1 --[21 /mar /2019: 00: 20: 06 +0300] "Get /favicon/favicon-32.png http /1.1" 200 1306 "http: //modimio.loc/iCMS /catalog /catalog_edit? id= 4 "" Mozilla /5.0 (X11; Linux x86_64) AppleWebKit /537.36 (KHTML, LIKE GECKO) Chrome /73.0.3683.75 Safari /537.36 "
    176.59.213.125 ---[22 /Mar /2019: 06: 10: 33 +0300] "Get /resize/?pic=..%2FUPLoad%2Ficms%2Fimages%2FCatalog%2Fcatalog_1__.jpg&
    w= 200 &
    H= 274 &
    TP= 1 HTTP /1.1 "200 78134" https://modimio.ru/store "" Mozilla /5.0 (iPhone; CPU iPhone OS 10_3_3 Like Mac OS X) AppleWebKit /603.3.8 (Khtml, Like Gecko) Version /10.0 Mobile /14G60 Safari /602.1 "
    83.146.108.57 ---[22 /Mar /2019: 06: 11: 28 +0300] "Get /resize/?pic=..%2FIpload%2Ficms%2Fimages%2Fcatalog%2FpDF_CATALOG_51.jpg&
    w= 224 &
    H= 306 &
    TP= 1 http /1.1 "200 100707" https://modimio.ru/store/nashi_tanki/51-nashi_tanki_9_pt_76b "" Mozilla /5.0 (Windows NT 6.1; WOW64; TRIDENT /7.0; RV: 11.0) Like Gecko "";
    preg_match_all ($ re, $ str, $ matches, preg_set_Order, 0);
    //Print The Entire Match Result
    VAR_DUMP ($ Matches);