Find IP addresses that have too many unsuccessful requests Run
Summary
This script will find unsuccessful requests caused by the same IP address. In this case, it's enough for the IP address to occur 10 times to be considered by this script.
Note
This script is quite general because it looks at the entire history. However, we probably want to restrict the search to a certain time interval, for instance during a the recent week or even day.
This would be achieved by simply adding a and x.Time >= month for instance. Any general date can be specified by DateTime(yyyy,mm,dd) (i.e. replace with month). The final query (restricted to a month) would look as following:
Logs.Where(x => x.State % 100 >= 20 and x.Time >= month and Logs.Count(y => y.IP == x.IP ) > 10)
Summary
This script will find unsuccessful requests caused by the same IP address. In this case, it's enough for the IP address to occur 10 times to be considered by this script.
Note
This script is quite general because it looks at the entire history. However, we probably want to restrict the search to a certain time interval, for instance during a the recent week or even day.
This would be achieved by simply adding a and x.Time >= month for instance. Any general date can be specified by DateTime(yyyy,mm,dd) (i.e. replace with month). The final query (restricted to a month) would look as following:
Logs.Where(x => x.State % 100 >= 20 and x.Time >= month and Logs.Count(y => y.IP == x.IP ) > 10)
Made in Sweden