我正在尝试通过使用第四列(警报)在第二列(源IP)中获得最高的出现率。
样品列表:
test=[["2019-01-05 03:15:49","192.168.0.15","192.168.0.116:4070","network discover"],
["2019-01-05 03:25:49,"192.168.0.15","192.168.0.1:4070","network discover"],
["2019-01-05 03:35:49","192.168.0.15","192.168.0.116:4070","network discover"],
["2019-01-05 03:55:49,"192.168.0.12","192.168.0.1:4070","network discover"],
["2019-01-05 04:38:13","192.168.0.15","192.168.0.41:445","ETERNALBLUE tool"],
["2019-01-05 05:28:13","192.168.0.12","192.168.0.39:445","ETERNALBLUE tool"]]
所需的输出
网络发现,192.168.0.15 = 3
网络发现,192.168.0.12 = 1
ETERNALBLUE工具,192.168.0.15 = 1
ETERNALBLUE工具,192.168.0.12 = 1
答案 0 :(得分:2)
使用npm-dts -r /your/project/root generate
例如:
collections.defaultdict输出:
from collections import defaultdict
test=[["2019-01-05 03:15:49","192.168.0.15","192.168.0.116:4070","network discover"],
["2019-01-05 03:25:49","192.168.0.15","192.168.0.1:4070","network discover"],
["2019-01-05 03:35:49","192.168.0.15","192.168.0.116:4070","network discover"],
["2019-01-05 03:55:49","192.168.0.12","192.168.0.1:4070","network discover"],
["2019-01-05 04:38:13","192.168.0.15","192.168.0.41:445","ETERNALBLUE tool"],
["2019-01-05 05:28:13","192.168.0.12","192.168.0.39:445","ETERNALBLUE tool"]]
result = defaultdict(int)
for i in test:
result[(i[-1], i[1])] += 1
print(result)
答案 1 :(得分:1)
您可以使用activerecord-import:
import = klass.import columns, records, on_duplicate_key_update: [:amount], validate: true输出:
Counter