preg_match_all計數IP從Apache日誌文件地址

Question

我試圖抓住從Apache日誌文件中的IP地址和計數唯一的IP

這個Apache日誌文件中有22.22.22.22超過10的時間和125.245.25.25不超過10時間

我試圖獲取IP只有超過10時在Apache日誌文件

我的PHP代碼

<?php 
    $iplist_file="/home/domain/public_html/iplist.txt"; 

    $iplist_file=file_get_contents($iplist_file); 

    preg_match_all('/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/',$iplist_file,$a); 

    $count = count($a[0]); 
    echo "<b>Number of ip</b> = " .$count."<p>"; 
?> 

文本文件

22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
22.22.22.22 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
125.245.25.25 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
125.245.25.25 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
125.245.25.25 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 
125.245.25.25 - - [21/Jan/2016:17:06:31 +0300] "POST 1.php HTTP/1.1" 200 632 "mydomain.com" "Mozilla/5.0 (PlayStation 4 3.15) 

Answer 1

對於來自日誌獲取所有IP您可以使用此非常類似的正則表達式：

preg_match_all('/^(?P<ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/m', $iplist_content, $matches); 

標誌m是這裏多模式（http://php.net/manual/en/reference.pcre.pattern.modifiers.php），?P<ip>命名捕獲組 - 而不是$matches[1]我有$matches['ip']（這是沒有必要的）。

正如我所說，在$matches['ip']你有所有的IP創建日誌。爲了算他們，你可以使用簡單的循環，或者更好的你可以使用fnc array_count_values。

當我們把這一切都在一起，我們得到這樣的：

<?php 

$iplist_file = "/home/domain/public_html/iplist.txt"; 
$iplist_content = file_get_contents($iplist_file); 

preg_match_all('/^(?P<ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/m', $iplist_content, $matches); 

foreach (array_count_values($matches['ip']) as $ip => $count) { 
    print $ip . ': ' . $count . '<br>'; 
}