In [None]:
# Read userlog.log
userlog = open("userlog.log")
logs = userlog.readlines()
logs_dict = parseLog(logs)

In [None]:
# Function for reading log file and storing in dictionary
def parseLog(logs):
    logs_dict = {}
    for log in logs:
        elements = log.split()
        date = elements[0]
        time = elements[1]
        activity = elements[2]
        server = elements [3]
        email = elements[4]
        
        if email in logs_dict:
            if date in logs_dict[email]:
                logs_dict[email][date].append((time, activity, server))
            else:
                logs_dict[email][date] = [(time, activity, server)]
        else:
            logs_dict[email] = {date: [(time, activity, server)]}
        logs_dict[email][date].sort()
    return logs_dict

In [None]:
# Function for writing report
def writeReport(title, fileName, suspiciousAct, suspiciousCount, logs_dict):
    new_file = open(fileName, "x")
    new_file.write("==============================\n")
    new_file.write(f"=== {title} ({str(suspiciousCount)} cases) ===\n")
    new_file.write("==============================\n")
    
    for email in suspiciousAct:
        actCount = len(suspiciousAct[email])
        new_file.write(f"{email}\t\t{str(actCount)}\n")
        
        for date in suspiciousAct[email]:
            new_file.write(f"\tDATE: [{date}] ---\n")
            
            for activity in logs_dict[email][date]:
                new_file.write(f"\t\t{activity[0]}\t{activity[2]}\n")
                
    new_file.close()

In [None]:
# Report 1 Suspicious Activities
suspiciousAct = {}
suspiciousCount = 0
for email in logs_dict:
    for date in logs_dict[email]:
        loginCount = sum(1 for i in logs_dict[email][date] if i[1] == 'login')
        hasLateLogin = any(i[1] == 'login' and int(i[0].split(':')[0]) < 5 for i in logs_dict[email][date])
        
        if loginCount > 5 or hasLateLogin:
            suspiciousCount += 1
            if email in suspiciousAct:
                suspiciousAct[email].append(date)
            else:
                suspiciousAct[email] = [date]
            suspiciousAct[email].sort()
            
writeReport("Suspicious Activities", "suspicious_report.txt", suspiciousAct, suspiciousCount, logs_dict)

In [None]:
# Report 2 Irresponsible Behavior
irresponsibleAct = {}
irresponsibleCount = 0
for email in logs_dict:
    for date in logs_dict[email]:
        loginCount = sum(1 for i in logs_dict[email][date] if i[1] == 'login')
        logoutCount = sum(1 for i in logs_dict[email][date] if i[1] == 'logout')
        
        if loginCount > logoutCount:
            irresponsibleCount += 1
            if email in irresponsibleAct:
                irresponsibleAct[email].append(date)
            else:
                irresponsibleAct[email] = [date]
            irresponsibleAct[email].sort()
writeReport("Irresponsible Behavior", "irresponsible_report.txt", irresponsibleAct, irresponsibleCount, logs_dict)

In [None]:
# Report 3 System Glitch
systemGlitch = {}
systemGlitchCount = 0
for email in logs_dict:
    for date in logs_dict[email]:
        logoutCount = sum(1 for i in logs_dict[email][date] if i[1] == 'logout')
        loginCount = sum(1 for i in logs_dict[email][date] if i[1] == 'login')
        
        if logoutCount > loginCount:
            systemGlitchCount += 1
            if email in systemGlitch:
                systemGlitch[email].append(date)
            else:
                systemGlitch[email] = [date]
            systemGlitch[email].sort()
writeReport("System Glitch", "glitch_report.txt", systemGlitch, systemGlitchCount, logs_dict)

In [None]:
# Report 4 Domain Count
emailList = logs_dict.keys()
domains_dict = {}
for email in emailList:
    emailParts = email.split('@')
    domain = emailParts[1]
    if domain in domains_dict:
        domains_dict[domain] += 1
    else:
        domains_dict[domain] = 1
        
new_file = open("domain_report.txt", "x")
new_file.write("==============================\n")
new_file.write(f"=== Domain Count ({str(len(domains_dict))} Domains) ===\n")
new_file.write("==============================\n")
               
for domain in domains_dict:
    new_file.write(f"{domain}\t\t{domains_dict[domain]}\n")
               
new_file.close()