Create a dictionary for a network log

In [1]:
log = {
    "src_ip": "192.168.1.10",
    "dest_ip": "10.0.0.5",
    "bytes": 1200,
    "protocol": "TCP"
}
print(log)


{'src_ip': '192.168.1.10', 'dest_ip': '10.0.0.5', 'bytes': 1200, 'protocol': 'TCP'}


Convert log dictionary to a DataFrame

In [2]:
import pandas as pd
df = pd.DataFrame([log])
print(df)

         src_ip   dest_ip  bytes protocol
0  192.168.1.10  10.0.0.5   1200      TCP


Create a list of IP addresses and remove duplicates

In [3]:
ips = ["10.0.0.1","10.0.0.2","10.0.0.1","10.0.0.3"]
unique_ips = list(set(ips))
print(unique_ips)


['10.0.0.3', '10.0.0.1', '10.0.0.2']


Count how many times each IP appears

In [4]:
from collections import Counter
counts = Counter(ips)
print(counts)


Counter({'10.0.0.1': 2, '10.0.0.2': 1, '10.0.0.3': 1})


Read a text file containing fake logs

In [5]:
sample_text = """10.0.0.1 - OK
10.0.0.2 - THREAT
10.0.0.3 - OK"""

with open("logs.txt", "w") as f:
    f.write(sample_text)

with open("logs.txt", "r") as f:
    print(f.read())


10.0.0.1 - OK
10.0.0.2 - THREAT
10.0.0.3 - OK


Extract only IPs from the text file

In [6]:
ips = []
with open("logs.txt") as f:
    for line in f:
        ips.append(line.split()[0])

print("Extracted IPs:", ips)


Extracted IPs: ['10.0.0.1', '10.0.0.2', '10.0.0.3']


Count THREAT vs OK lines

In [7]:
threat_count = 0
ok_count = 0

with open("logs.txt") as f:
    for line in f:
        if "THREAT" in line:
            threat_count += 1
        else:
            ok_count += 1

print("Threat:", threat_count, "OK:", ok_count)


Threat: 1 OK: 2


Create a function to check if an IP is private

In [8]:
def is_private(ip):
    return ip.startswith("10.") or ip.startswith("192.168.")

print(is_private("10.0.0.1"), is_private("8.8.8.8"))


True False


Convert bytes to KB using a function

In [9]:
def to_kb(b):
    return round(b / 1024, 2)

print(to_kb(2048))


2.0


Iterate through logs and show only TCP traffic

In [10]:
logs = [
    {"src_ip":"10.0.0.1","protocol":"TCP"},
    {"src_ip":"10.0.0.2","protocol":"UDP"},
    {"src_ip":"10.0.0.3","protocol":"TCP"}
]

tcp_logs = [l for l in logs if l["protocol"] == "TCP"]
print(tcp_logs)


[{'src_ip': '10.0.0.1', 'protocol': 'TCP'}, {'src_ip': '10.0.0.3', 'protocol': 'TCP'}]


Create a simple class for a Network Packet

In [11]:
class Packet:
    def __init__(self, src, dest, bytes):
        self.src = src
        self.dest = dest
        self.bytes = bytes

    def show(self):
        print(f"Packet from {self.src} to {self.dest}, size {self.bytes}")

p = Packet("10.0.0.1","10.0.0.2",1500)
p.show()


Packet from 10.0.0.1 to 10.0.0.2, size 1500


Filter packets > 1000 bytes

In [12]:
packets = [500,1200,3000,200]
large = [p for p in packets if p > 1000]
print("Large packets:", large)


Large packets: [1200, 3000]


Sort logs by bytes

In [13]:
log_data = [
    {"ip":"A","bytes":200},
    {"ip":"B","bytes":800},
    {"ip":"C","bytes":500}
]

sorted_data = sorted(log_data, key=lambda x: x["bytes"])
print(sorted_data)


[{'ip': 'A', 'bytes': 200}, {'ip': 'C', 'bytes': 500}, {'ip': 'B', 'bytes': 800}]


Merge two IP lists (remove duplicates)

In [14]:
list1 = ["10.0.0.1","10.0.0.2"]
list2 = ["10.0.0.2","10.0.0.3"]

merged = list(set(list1 + list2))
print(merged)


['10.0.0.3', '10.0.0.1', '10.0.0.2']


Count how many TCP/UDP logs

In [15]:
protocols = ["TCP","TCP","UDP","ICMP","TCP"]
print("Counts:", Counter(protocols))


Counts: Counter({'TCP': 3, 'UDP': 1, 'ICMP': 1})


Reverse an IP address

In [16]:
ip = "192.168.1.10"
print("Reversed:", ".".join(ip.split(".")[::-1]))


Reversed: 10.1.168.192


Mask an IP (X.X.X.last_octet)

In [17]:
def mask(ip):
    parts = ip.split(".")
    return "X.X.X." + parts[-1]

print(mask("192.168.1.10"))


X.X.X.10


Find max/min bytes in a list

In [18]:
bytes_list = [1500,2500,800,6000]
print("Min:", min(bytes_list), "Max:", max(bytes_list))


Min: 800 Max: 6000


Create a list of threat scores and calculate average

In [19]:
scores = [2.5,5.0,8.5,1.0]
print("Average:", sum(scores)/len(scores))


Average: 4.25


Detect suspicious traffic (>2000 bytes)

In [20]:
for b in bytes_list:
    if b > 2000:
        print(b, "is Suspicious!")


2500 is Suspicious!
6000 is Suspicious!


Check if an IP exists in a list

In [21]:
ips = ["10.0.0.1","10.0.0.2"]
print("Found:", "10.0.0.1" in ips)


Found: True


Create a dictionary of IP â†’ bytes

In [22]:
traffic = {
    "10.0.0.1": 1400,
    "10.0.0.2": 300,
    "10.0.0.3": 5000
}
print(traffic)


{'10.0.0.1': 1400, '10.0.0.2': 300, '10.0.0.3': 5000}


Increase bytes of every IP by +100

In [23]:
updated = {ip:traffic[ip] + 100 for ip in traffic}
print(updated)


{'10.0.0.1': 1500, '10.0.0.2': 400, '10.0.0.3': 5100}


Remove IPs with low traffic (<1000 bytes)

In [24]:
cleaned = {ip:b for ip,b in traffic.items() if b >= 1000}
print(cleaned)


{'10.0.0.1': 1400, '10.0.0.3': 5000}


Convert all IP keys to uppercase (string task)

In [25]:
print({ip.upper():b for ip,b in traffic.items()})


{'10.0.0.1': 1400, '10.0.0.2': 300, '10.0.0.3': 5000}


Split logs based on threat level

In [26]:
log_entries = [
    ("10.0.0.1", 0),
    ("10.0.0.2", 1),
    ("10.0.0.3", 1)
]

safe = [l for l in log_entries if l[1] == 0]
threat = [l for l in log_entries if l[1] == 1]

print("Safe:", safe)
print("Threat:", threat)


Safe: [('10.0.0.1', 0)]
Threat: [('10.0.0.2', 1), ('10.0.0.3', 1)]


onvert IP list into a set (remove duplicates)

In [27]:
ipset = set(["10.0.0.1","10.0.0.1","10.0.0.2"])
print(ipset)


{'10.0.0.1', '10.0.0.2'}


Combine two dictionaries (merge traffic logs)

In [28]:
t1 = {"A":500,"B":1000}
t2 = {"B":800,"C":1200}

merged = t1.copy()
merged.update(t2)
print(merged)


{'A': 500, 'B': 800, 'C': 1200}


Create function to classify traffic load

In [29]:
def classify(bytes):
    if bytes > 3000:
        return "HIGH"
    elif bytes > 1000:
        return "MEDIUM"
    else:
        return "LOW"

for b in [500,1800,4500]:
    print(b, classify(b))


500 LOW
1800 MEDIUM
4500 HIGH


Save processed traffic dictionary to file

In [30]:
import json

with open("traffic.json", "w") as f:
    json.dump(traffic, f, indent=4)

print("File saved:", "traffic.json")


File saved: traffic.json
