~phlash/sinkhole

07b4c1da15ec351adfbe722c7da1ef5300b8e213 — Phil Ashby 3 months ago fc1f23c
report top hitters today
1 files changed, 7 insertions(+), 2 deletions(-)

M etc/cron.daily/x1report-hosts-blocked
M etc/cron.daily/x1report-hosts-blocked => etc/cron.daily/x1report-hosts-blocked +7 -2
@@ 83,15 83,20 @@ stats = {k: update(k,v) for (k,v) in stats.items()}
#print(f"Updated({len(stats)}):", stats)

print(f"Blocked DNS lookups from log {SINKHOLE_LOG} ({total} hits for {len(hits)} hosts), suppressed by {SINKHOLE_SUPPFILE} ({len(stats)} entries) for {SINKHOLE_SUPPDAYS} days")
print("\nNew (or renewed) domains today")
for hit in sorted(hits, key=hits.get, reverse=True):
    if not hit in suppress:
        print(f"{hits[hit]} {hit}")
        print(f"\t{hits[hit]} {hit}")
    if not hit in stats:
        stats[hit] = (hits[hit], now)

print(f"\nTop {SINKHOLE_TOPSIZE} hitters today")
for hit in sorted(hits, key=hits.get, reverse=True)[:SINKHOLE_TOPSIZE]:
    print(f"\t{hits[hit]} {hit}")

print(f"\nTop {SINKHOLE_TOPSIZE} hitters (all time):")
for top in sorted(stats.items(), key=lambda s: s[1][0], reverse=True)[:SINKHOLE_TOPSIZE]:
    print(top[1][0], top[0])
    print(f"\t{top[1][0]} {top[0]}")

with open(SINKHOLE_SUPPFILE, 'wb') as f:
    pickle.dump(stats, f)