Corazonpirate27/log-analyzer


Log Analyzer API

A FastAPI-powered log analyzer that detects brute force attacks from server logs.

What it does

  • Reads server log files (Apache/Nginx format)
  • Detects IPs with multiple failed login attempts (401/403)
  • Identifies brute force attacks automatically
  • Returns threat level (HIGH/LOW)
  • REST API endpoint via FastAPI

Tools used

  • Python 3.12
  • FastAPI
  • Uvicorn
  • Collections (Counter)
  • Regex (re module)

How to run

pip install fastapi uvicorn
python analyzer.py

API endpoints

  • GET /analyze → Analyze logs and return threat report

Example response

{
  "total_logs": 10,
  "suspicious_ips": {
    "192.168.1.50": 6,
    "192.168.1.75": 3
  },
  "threat_level": "HIGH"
}
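
The detection described above, written out as an added example; it is not the repository's analyzer.py. The thresholds (3 failures to list an IP, 5 for HIGH), the combined-log-format regex, the `skipped_lines` field and the names `analyze` and `make_line` are assumptions made for illustration.

```python
import re
from collections import Counter

# Apache/Nginx common or combined format: client IP, timestamp, request, status.
# The request pattern accepts backslash-escaped quotes so that a request line
# containing \" cannot make the whole entry unparseable and go uncounted.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<req>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) '
)
FAILED = {"401", "403"}
SUSPICIOUS_MIN = 3  # assumed threshold, not taken from the project
HIGH_MIN = 5        # assumed threshold, not taken from the project

def analyze(lines):
    """Count 401/403 responses per client IP and build a threat report."""
    failures = Counter()
    total = skipped = 0
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            skipped += 1  # malformed line: record it instead of crashing
            continue
        total += 1
        if m["status"] in FAILED:
            failures[m["ip"]] += 1
    suspicious = {ip: n for ip, n in failures.most_common() if n >= SUSPICIOUS_MIN}
    high = any(n >= HIGH_MIN for n in suspicious.values())
    return {
        "total_logs": total,
        "skipped_lines": skipped,
        "suspicious_ips": suspicious,
        "threat_level": "HIGH" if high else "LOW",
    }

def make_line(ip, status, path="/login"):
    """Build one constructed combined-format log line."""
    return (f'{ip} - - [10/Mar/2025:13:55:36 +0000] '
            f'"POST {path} HTTP/1.1" {status} 512 "-" "curl/8.0"')

# Constructed sample input (not real traffic).
SAMPLE = (
    [make_line("192.168.1.50", 401) for _ in range(6)]
    + [make_line("192.168.1.75", 403) for _ in range(3)]
    + [make_line("192.168.1.10", 200, "/index.html"), make_line("192.168.1.10", 401)]
    + ["garbage that is not a log line"]
)

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

Reporting `skipped_lines` matters for detection coverage: a sudden rise in unparseable entries means failures may be going uncounted.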

Real world use

SOC analysts use log analysis to detect:

  • Brute force attacks
  • Unauthorized access attempts
  • Suspicious IP addresses

Author

Corazonpirate27
