Find Jobs
Hire Freelancers

Powershell script to parse IIS logs & send email alerts if any user login from different IP or unexpected location

₹1500-12500 INR

Suljettu
Julkaistu yli 3 vuotta sitten

₹1500-12500 INR

Maksettu toimituksen yhteydessä
Requirements: Whoever access emails hosted on exchange server, request goes through IIS to access their emails. IIS maintains logs of each connection. IIS creates one log file for each day in the form of [login to view URL], ignoring timezone of the server. The example below is having time zone of India i.e. +5:30 Now the target is to alert the user or the administrator, if user has logged on using a new location or new ISP or different than his past trend. (Suspicious connection) So, the alert should consist of the IP address, approximate city, country & ISP (sites like [login to view URL]), some info of the device (user agent) date & time of the connection (log entry time) Sometime we will observe that connection was made but the log entry (even the consecutive entries) does not have any username. This IP is also unique, we would name them as ghost entries (visits by bots, search engines, crawlers). Admin should be notified for this also. Sometimes we will see no username in first entry but later a username(cs-username) will be there. So we will associate that IP with that user not wit ghost entry. We will maintain a database or log for each user to set a trend/pattern. IF a user made a connection from outside India or different than the trend/pattern an email should go to admin and/or the user. We can also add the information fetched from ip to location websites, to this database/log and make a historical data. We can attach this user specific historical data with the email trigger/alert (optional to include the file) I have found good tool to get meaningful records: [login to view URL] Using this tool I have found log of 50MB having 10,000 rows, populate only 25 rows with which we have to work on. We can ignore entries having local network IP. Sample data parsed by the tool: Video help (previous version) [login to view URL] The SQL statement that did the job (you are free to build your own SQL statement) SELECT DISTINCT c-ip as IP,cs-username,cs(User-Agent) FROM '[LOGFILEPATH]' WHERE c-ip not IN ('[login to view URL]';'::1';'fe80::4d9a:7f50:5587:ff19%13') and c-ip not like '192.168.5.%' order by ip This tool has generated the PS1 file for your reference. Now the question, how frequently the email trigger comes. Ideally ASAP. If not feasible, after an hour, couple of hours by latest by end of the day. Gmail also maintain this historical data as “recent activity” You can install IIS on windows 8/10 machine also & generate sample data & editing local IP to public IP. I cannot send real IIS data file due to privacy & company policy issue. [login to view URL]
Projektin tunnus (ID): 27256591

Tietoa projektista

3 ehdotukset
Etäprojekti
Aktiivinen 3 vuotta sitten

Haluatko ansaita rahaa?

Freelancerin tarjouskilpailun edut

Aseta budjettisi ja aikataulu
Saa maksu työstäsi
Kuvaile ehdotustasi
Rekisteröinti ja töihin tarjoaminen on ilmaista
3 freelancerit tarjoavat keskimäärin ₹8 741 INR tätä projektia
Käyttäjän avatar
Hi Client , I have done similar projects already in many use cases, I can close this quickly. I’m an Independent, Senior Software Engineer, Freelance Web & Automation developer with 5+ years of experience with Master degree holder and expertise in POWERSHELL, PYTHON, MACHINE LEARNING, DEEP LEARNING, DATA SCIENCE, ANSIBLE, DOCKER, PHP, HTML 5, CSS3, JAVASCRIPT, NODE. JS, MYSQL, MONGODB, technology with complete Full stack web developer and automation scripting developer. I’m a huge fan of the work, my goal is to get the project done on time with client satisfaction. If you have the time, I’d like to chat with you about the job requirements of yours. If you have time to talk, you can reach me anytime Thanks for your time, and I look forward to hearing from you.
₹4 000 INR 1 päivässä
5,0 (7 arvostelua)
3,4
3,4
Käyttäjän avatar
Ihave 3 years of experience in powershell and can deliver the task as per the requirement and expectation. Please provide me your environment details so that i can discuss and proceed with preparing the script using powershell
₹11 111 INR 3 päivässä
0,0 (0 arvostelua)
0,0
0,0
Käyttäjän avatar
Hi there, I can do this task exactly as you requested. Let me know if this project is still open and trust me I will not waste your time. Thanks
₹11 111 INR 2 päivässä
0,0 (0 arvostelua)
0,0
0,0

Tietoja asiakkaasta

Maan INDIA lippu
Noida, India
5,0
1
Maksutapa vahvistettu
Liittynyt maalisk. 11, 2012

Asiakkaan vahvistus

Kiitos! Olemme lähettäneet sinulle sähköpostitse linkin, jolla voit lunastaa ilmaisen krediittisi.
Jotain meni pieleen lähetettäessä sähköpostiasi. Yritä uudelleen.
Rekisteröitynyttä käyttäjää Ilmoitettua työtä yhteensä
Freelancer ® is a registered Trademark of Freelancer Technology Pty Limited (ACN 142 189 759)
Copyright © 2024 Freelancer Technology Pty Limited (ACN 142 189 759)
Ladataan esikatselua
Lupa myönnetty Geolocation.
Kirjautumisistuntosi on vanhentunut ja sinut on kirjattu ulos. Kirjaudu uudelleen sisään.