Find Jobs
Hire Freelancers

Powershell script to parse IIS logs & send email alerts if any user login from different IP or unexpected location

₹1500-12500 INR

Fermé
Publié il y a plus de 3 ans

₹1500-12500 INR

Payé lors de la livraison
Requirements: Whoever access emails hosted on exchange server, request goes through IIS to access their emails. IIS maintains logs of each connection. IIS creates one log file for each day in the form of [login to view URL], ignoring timezone of the server. The example below is having time zone of India i.e. +5:30 Now the target is to alert the user or the administrator, if user has logged on using a new location or new ISP or different than his past trend. (Suspicious connection) So, the alert should consist of the IP address, approximate city, country & ISP (sites like [login to view URL]), some info of the device (user agent) date & time of the connection (log entry time) Sometime we will observe that connection was made but the log entry (even the consecutive entries) does not have any username. This IP is also unique, we would name them as ghost entries (visits by bots, search engines, crawlers). Admin should be notified for this also. Sometimes we will see no username in first entry but later a username(cs-username) will be there. So we will associate that IP with that user not wit ghost entry. We will maintain a database or log for each user to set a trend/pattern. IF a user made a connection from outside India or different than the trend/pattern an email should go to admin and/or the user. We can also add the information fetched from ip to location websites, to this database/log and make a historical data. We can attach this user specific historical data with the email trigger/alert (optional to include the file) I have found good tool to get meaningful records: [login to view URL] Using this tool I have found log of 50MB having 10,000 rows, populate only 25 rows with which we have to work on. We can ignore entries having local network IP. Sample data parsed by the tool: Video help (previous version) [login to view URL] The SQL statement that did the job (you are free to build your own SQL statement) SELECT DISTINCT c-ip as IP,cs-username,cs(User-Agent) FROM '[LOGFILEPATH]' WHERE c-ip not IN ('[login to view URL]';'::1';'fe80::4d9a:7f50:5587:ff19%13') and c-ip not like '192.168.5.%' order by ip This tool has generated the PS1 file for your reference. Now the question, how frequently the email trigger comes. Ideally ASAP. If not feasible, after an hour, couple of hours by latest by end of the day. Gmail also maintain this historical data as “recent activity” You can install IIS on windows 8/10 machine also & generate sample data & editing local IP to public IP. I cannot send real IIS data file due to privacy & company policy issue. [login to view URL]
N° de projet : 27256591

Concernant le projet

3 propositions
Projet à distance
Actif à il y a 3 ans

Cherchez-vous à gagner de l'argent ?

Avantages de faire une offre sur Freelancer

Fixez votre budget et vos délais
Soyez payé pour votre travail
Surlignez votre proposition
Il est gratuit de s'inscrire et de faire des offres sur des travaux
3 freelances proposent en moyenne ₹8 741 INR pour ce travail
Avatar de l'utilisateur
Hi Client , I have done similar projects already in many use cases, I can close this quickly. I’m an Independent, Senior Software Engineer, Freelance Web & Automation developer with 5+ years of experience with Master degree holder and expertise in POWERSHELL, PYTHON, MACHINE LEARNING, DEEP LEARNING, DATA SCIENCE, ANSIBLE, DOCKER, PHP, HTML 5, CSS3, JAVASCRIPT, NODE. JS, MYSQL, MONGODB, technology with complete Full stack web developer and automation scripting developer. I’m a huge fan of the work, my goal is to get the project done on time with client satisfaction. If you have the time, I’d like to chat with you about the job requirements of yours. If you have time to talk, you can reach me anytime Thanks for your time, and I look forward to hearing from you.
₹4 000 INR en 1 jour
5,0 (7 commentaires)
3,4
3,4
Avatar de l'utilisateur
Ihave 3 years of experience in powershell and can deliver the task as per the requirement and expectation. Please provide me your environment details so that i can discuss and proceed with preparing the script using powershell
₹11 111 INR en 3 jours
0,0 (0 commentaires)
0,0
0,0
Avatar de l'utilisateur
Hi there, I can do this task exactly as you requested. Let me know if this project is still open and trust me I will not waste your time. Thanks
₹11 111 INR en 2 jours
0,0 (0 commentaires)
0,0
0,0

À propos du client

Drapeau de INDIA
Noida, India
5,0
1
Méthode de paiement vérifiée
Membre depuis mars 11, 2012

Vérification du client

Merci ! Nous vous avons envoyé un lien par e-mail afin de réclamer votre crédit gratuit.
Une erreur a eu lieu lors de l'envoi de votre e-mail. Veuillez réessayer.
Utilisateurs enregistrés Total des travaux publiés
Freelancer ® is a registered Trademark of Freelancer Technology Pty Limited (ACN 142 189 759)
Copyright © 2024 Freelancer Technology Pty Limited (ACN 142 189 759)
Chargement de l'aperçu
Permission donnée pour la géolocalisation.
Votre session de connexion a expiré et vous avez été déconnecté. Veuillez vous connecter à nouveau.