PowerShell: List IP address from log files
I often have to parse random log files to find IP address. This snipped of code will let you parse any log file, extract and count any IP addresses in it. Useful for firewalls and the like.
$LogPath = "C:\Temp\LogFile.log" #Put the path to the log here.
$excludeIP = "192.168.254.232" #Often a log has a local IP that isnt usefull in it. You can exclude that here.
$regexIPAddress = '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b' # regex for an IP
$matches = (Select-String -LiteralPath $LogPath -Pattern $pattern -AllMatches | ForEach-Object { $_.Matches } | % { $_.Value }) | Where-Object -FilterScript {$_ -ne "$excludeIP" }
$Groups = $matches | group | Sort-Object -Property count -Descending
$Groups.count
$Groups | Where-Object {$_.Count -gt 1000} #change this number to filter to hit count