定时记录访问远程端口的ip地址
using System.Collections.Generic;
using System.Text;
using System.Net.NetworkInformation;
using System.Threading;
namespace PortListen
{
class Program
{
static void Main(string[] args)
{
while (true) {
GetTcpConnections();
Thread.Sleep(1000 * 20);
}
}
public static void GetTcpConnections()
{
Console.WriteLine("start " + DateTime.Now.ToString());
IPGlobalProperties properties = IPGlobalProperties.GetIPGlobalProperties();
TcpConnectionInformation[] connections = properties.GetActiveTcpConnections();
foreach (TcpConnectionInformation t in connections) {
if (t.LocalEndPoint.ToString().IndexOf(":3389") > 0) {
Console.Write("Local endpoint: {0} ", t.LocalEndPoint.ToString());
Console.Write("Remote endpoint: {0} ", t.RemoteEndPoint.ToString());
Console.WriteLine("{0}", t.State);
string data = t.RemoteEndPoint.ToString() + "\t" + DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss") + "\r\n";
SavaProcess(data);
}
}
//Console.WriteLine();
//Console.ReadLine();
}
public static String SavaProcess(string data)
{
System.DateTime currentTime = System.DateTime.Now;
//获取当前日期的前一天转换成ToFileTime
string strYMD = currentTime.ToString("yyyyMMdd");
//按照日期建立一个文件名
string FileName = "log" + strYMD + ".txt";
//设置目录
string CurDir = System.AppDomain.CurrentDomain.BaseDirectory + @"Logs";
//判断路径是否存在
if (!System.IO.Directory.Exists(CurDir)) {
System.IO.Directory.CreateDirectory(CurDir);
}
//不存在就创建
String FilePath = CurDir + "/" + FileName;
//文件覆盖方式添加内容
System.IO.StreamWriter file = new System.IO.StreamWriter(FilePath,true);
//保存数据到文件
file.Write(data);
//关闭文件
file.Close();
//释放对象
file.Dispose();
return FilePath;
}
}
}
	
===================================================================
日志分析程序
	
	using System;
using System.Collections;
using System.Collections.Generic;
using System.Text;
using System.Net.NetworkInformation;
using System.Threading;
using System.Text.RegularExpressions;
namespace AnalysisLog
{
    class Program
    {
        static void Main(string[] args)
        {
            Analysis();
        }
        static void Analysis()
        {
            Hashtable ht = new Hashtable(); 
            string line;
            System.IO.StreamReader file =
            new System.IO.StreamReader(System.AppDomain.CurrentDomain.BaseDirectory + "log.txt");
            while ((line = file.ReadLine()) != null) {
                //System.Console.WriteLine(line);
                string ipPattern = @"(^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*?";
                Regex regex = new Regex(ipPattern);
                MatchCollection mc = regex.Matches(line);
                if (mc.Count > 0) {
                    string ip = mc[0].Groups[1].ToString();
                    if (ht.ContainsKey(ip)) {
                        long value = long.Parse(ht[ip].ToString());
                        ht[ip] = ++value;
                    }
                    else {
                        ht.Add(ip, 1);
                    }
                }
            }
            file.Close();
            if(ht.Count > 0) {
                string[] keyArray=new string[ht.Count];
                long[] valueArray=new long[ht.Count];
                ht.Keys.CopyTo(keyArray, 0);
                ht.Values.CopyTo(valueArray, 0);
                //下面就是对Value进行排序,当然需要按排序结果将Keys的值也作对应的排列
                //Sort默认是升序排序,如果想用降序排序请在Sort排序后使用Array.Reverse()进行反向排序
                Array.Sort(valueArray, keyArray);
                for (int i = 0; i < 10; i++) {
                    Console.WriteLine((i+1).ToString() + "." + keyArray[keyArray.Length - i -1] + "," + valueArray[valueArray.Length - i -1]);
                }
            }
            System.Console.ReadKey();
        }
    }
}
	
	
