如何删除不包含特定字符串的行?
问题描述 投票:0回答:2
我的网站遭到暴力攻击。日志文件大小为 1.4 GB(4338.995 行)。如何删除 Sublime 中不包含特定字符串的行?
它既包含普通用户,也包含来自两个不同IP地址的暴力攻击(个人信息和IP地址已更改):
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /box1_rhs/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /isaac_working/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
66.29.166.6 - - [28/Apr/2017:13:00:06 +0200] "GET /index.php HTTP/1.1" 200 2898 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /title_bykergrove_red/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /games_title/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
66.29.166.6 - - [28/Apr/2017:13:00:06 +0200] "GET /info.php HTTP/1.1" 200 565 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /box1_btm/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /coast_gal_bamburgh-thumb/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /games_pic2/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /coast_gal_tentsmuir-thumb/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /pannel_bot/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /but_go_red/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /coast_gal_badbea-thumb/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /top_girl/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
61.68.207.144 - - [28/Apr/2017:13:00:06 +0200] "GET /s/ HTTP/1.1" 200 9707 "http://google.com/search?q=s06e13" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /pannel_poles_bottom/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /box2_rhs/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /watch_animals/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /pets_pic4/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /boy/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /box2_top/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /pets_title/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /coast_gal_whitby-thumb/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:06 +0200] "HEAD /box2_schoolsout_paramedic/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:07 +0200] "HEAD /rws_sign/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
12.180.245.229 - - [28/Apr/2017:13:00:07 +0200] "GET /browse.php HTTP/1.1" 200 3819 "https://www.google.com.au/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36"
163.33.74.115 - - [28/Apr/2017:13:00:07 +0200] "HEAD /box2_btm/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:07 +0200] "HEAD /serious_amazon/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:07 +0200] "HEAD /box3_noproblem_textbullying/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:07 +0200] "HEAD /ramblings12_home/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
163.33.74.115 - - [28/Apr/2017:13:00:07 +0200] "HEAD /chain_cat/ HTTP/1.1" 404 157 "-" "DirBuster-0.12 (http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project)"
我想删除不包含“163.33.74.115”的行。通过搜索和替换,我使用:
^((?!163\.33\.74\.115).)*$
但是即使突出显示了除 IP 之外的所有内容,程序也没有执行任何操作。我该怎么做?
2个回答
41
投票
投票
对于 Sublime 使用:
1 - CTRL+H
2 - 单击正则表达式(检查下面的 ps)
3 - 查找内容:
^163.33.74.115.*\n^(?!163.33.74.115).*\n4 - 替换为:空白
5 - 单击全部替换
GREP 答案:
上面的答案应该可以正常工作,但我宁愿使用
greplinuxmac1 - 所有行 除了 包含
163.33.74.115grep -v 163.33.74.115 original.log > attack.log
2 - 所有包含
163.33.74.115grep 163.33.74.115 original.log > attack.log
选项:
-v, --invert-match select non-matching lines
32
投票
投票
更快的选择是仅使用“查找全部”选项:它会为您选择所有匹配项,以便您可以复制它们。
- Ctrl+F 使用简单的正逻辑正则表达式匹配您
- 想要的行:
.*163.33.74.115.*单击“查找全部” - Ctrl+C > 打开新文档 > Ctrl+V
最新问题
- 带有 SQL Server 数据库的 ASP.NET MVC 项目
- 保留泛型类型以供以后重用
- Javascript 无法在部分视图中工作
- 如何更新README中的文件列表
- std::to_string() 与 static_cast<std::string>() 有何不同?
- ER_NOT_SUPPORTED_AUTH_MODE:客户端不支持服务器请求的身份验证协议
- Flutter 应用程序无法与谷歌地图一起使用
- Azure 弹性代理作业问题。新数据库已添加到弹性池中,针对该池的作业无法针对新数据库执行
- ASP.NET Core 8.0 MVC:如果 ModelState 无效且表单重新加载,临时存储照片的最佳位置在哪里?
- Stack 尝试查找 libgmp 然后失败,即使根本没有依赖项
- ReactNative:将 Expo 升级到 52 后启动时应用程序崩溃
- FFMPEG 比率和 SAR 为 1
- 如何在Java中使用PreparedStatement更新MySQL时间戳列?
- 如何使用 Python 和 Flask 优化我的电子商务网站的 API 响应时间?
- Durable Functions + Azure 存储帐户 -> 多次重试尝试检索资源“https://storage.azure.com/”的身份验证令牌
- spring.cloud.stream.output-bindings 它的实际目的或用途是什么?
- .htaccess mod_rewrite 在子目录中不起作用
- QML 中的动态可缩放矢量图像
- MVC - ASP.NET Core 8.0 - 如果 ModelState 无效并且表单重新加载,临时存储照片的最佳位置在哪里?
- 如何在pydantic v2中获取模型字段类型?
© www.soinside.com 2019 - 2024. All rights reserved.