Échantillons de Journaux de Serveur
Fichiers journaux du serveur avec adresses IP pour tester l'extraction
Key Facts
- Category
- Text Processing
- Items
- 6
- Format Families
- text
Sample Overview
Fichiers journaux du serveur avec adresses IP pour tester l'extraction This sample set belongs to Text Processing and can be used to test related workflows inside Elysia Tools.
📝 Journaux d'Accès Apache
🟢 simple
Format de journal d'accès du serveur web Apache standard avec des adresses IPv4
# Apache Access Logs Sample
# Copy any section below to test the IP Address Extractor
# Standard Apache Combined Log Format
192.168.1.100 - - [10/Oct/2024:13:55:36 +0000] "GET /api/users HTTP/1.1" 200 2326 "-" "Mozilla/5.0"
10.0.0.45 - - [10/Oct/2024:13:55:37 +0000] "POST /login HTTP/1.1" 200 1234 "https://example.com/login" "Mozilla/5.0"
172.16.0.23 - admin [10/Oct/2024:13:55:38 +0000] "GET /admin/dashboard HTTP/1.1" 200 5678 "-" "Chrome/120.0.0.0"
203.0.113.42 - - [10/Oct/2024:13:55:39 +0000] "GET /images/logo.png HTTP/1.1" 200 15342 "https://example.com/" "Safari/537.36"
198.51.100.99 - - [10/Oct/2024:13:55:40 +0000] "POST /api/data HTTP/1.1" 400 56 "-" "curl/7.68.0"
# Bot traffic
66.249.66.1 - - [10/Oct/2024:13:55:41 +0000] "GET /robots.txt HTTP/1.1" 200 78 "-" "Googlebot/2.1"
93.184.216.34 - - [10/Oct/2024:13:55:42 +0000] "GET /sitemap.xml HTTP/1.1" 200 4096 "-" "Bingbot/2.0"
# Error responses
192.0.2.54 - - [10/Oct/2024:13:55:43 +0000] "GET /nonexistent HTTP/1.1" 404 1234 "-" "Mozilla/5.0"
198.18.0.22 - - [10/Oct/2024:13:55:44 +0000] "POST /api/error HTTP/1.1" 500 890 "-" "PostmanRuntime/7.29.2"
# Multiple requests from same IP
192.168.1.100 - - [10/Oct/2024:13:55:45 +0000] "GET /api/products HTTP/1.1" 200 4567 "-" "Mozilla/5.0"
192.168.1.100 - - [10/Oct/2024:13:55:46 +0000] "GET /api/products/123 HTTP/1.1" 200 890 "-" "Mozilla/5.0"
192.168.1.100 - - [10/Oct/2024:13:55:47 +0000] "POST /api/cart HTTP/1.1" 201 234 "-" "Mozilla/5.0"
# IPv6 addresses
2001:0db8:85a3::8a2e:0370:7334 - - [10/Oct/2024:13:55:48 +0000] "GET /api/v2/data HTTP/1.1" 200 1234 "-" "curl/7.68.0"
fe80::1 - - [10/Oct/2024:13:55:49 +0000] "GET /status HTTP/1.1" 200 45 "-" "localhost"
2001:4860:4860::8888 - - [10/Oct/2024:13:55:50 +0000] "GET /dns-query HTTP/1.1" 200 789 "-" "Mozilla/5.0"
# Private IP ranges
10.20.30.40 - - [10/Oct/2024:13:55:51 +0000] "GET /internal HTTP/1.1" 200 123 "-" "Internal-Scanner/1.0"
172.31.255.255 - - [10/Oct/2024:13:55:52 +0000] "GET /health HTTP/1.1" 200 23 "-" "AWS-HealthCheck/1.0"
192.168.255.254 - - [10/Oct/2024:13:55:53 +0000] "GET /metrics HTTP/1.1" 200 567 "-" "Prometheus/2.0"📝 Journaux d'Erreur Nginx
🟢 simple
Format de journal d'erreur Nginx avec diverses adresses IP
# Nginx Error Logs Sample
# Copy any section below to test the IP Address Extractor
# Client connection errors
2024/10/10 13:55:36 [error] 12345#0: *123 client denied by server configuration: client: 192.168.1.50, server: example.com, request: "GET /admin HTTP/1.1"
2024/10/10 13:55:37 [error] 12345#0: *124 access forbidden by rule: client: 10.0.0.100, server: api.example.com
2024/10/10 13:55:38 [error] 12345#0: *125 client 172.16.0.200 closed connection prematurely
# Upstream connection issues
2024/10/10 13:55:39 [error] 12345#0: *126 upstream timed out (110: Connection timed out) while connecting to upstream, client: 203.0.113.45, upstream: "http://10.0.1.50:8080/api"
2024/10/10 13:55:40 [error] 12345#0: *127 connect() failed (113: No route to host) while connecting to upstream, client: 198.51.100.88
# Rate limiting
2024/10/10 13:55:41 [error] 12345#0: *128 limiting requests, excess: 20.102 by zone "addr", client: 192.0.2.77
2024/10/10 13:55:42 [warn] 12345#0: *129 request limit exceeded, client: 198.18.0.55
# SSL/TLS errors
2024/10/10 13:55:43 [error] 12345#0: *130 SSL_do_handshake() failed (SSL: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown) while SSL handshaking, client: 10.20.30.40
2024/10/10 13:55:44 [error] 12345#0: *131 client 172.31.0.100 reported invalid SSL certificate
# IPv6 client errors
2024/10/10 13:55:45 [error] 12345#0: *132 client 2001:0db8::1 denied by server configuration
2024/10/10 13:55:46 [error] 12345#0: *133 upstream timed out, client: fe80::2a1:cbff:fe80:1d2, upstream: "[2001:db8::2]:8080"
2024/10/10 13:55:47 [error] 12345#0: *134 connection refused from client: 2001:4860::1
# Spam/bot blocking
2024/10/10 13:55:48 [error] 12345#0: *135 blocking client 66.249.66.1 (Googlebot bypassed)
2024/10/10 13:55:49 [error] 12345#0: *136 suspicious activity from 93.184.216.34, blocking
# API errors
2024/10/10 13:55:50 [error] 12345#0: *137 FastCGI sent in stderr: "PHP message: API key invalid for client 192.168.100.50"
2024/10/10 13:55:51 [error] 12345#0: *138 API rate limit exceeded for client 10.255.255.255📝 Journaux de Pare-feu
🟢 simple
Journaux de pare-feu et de sécurité avec adresses IP
# Firewall Logs Sample
# Copy any section below to test the IP Address Extractor
# Blocked connections
Oct 10 13:55:36 firewall kernel: [UFW BLOCK] IN=eth0 SRC=192.168.1.100 DST=10.0.0.1 PROTO=TCP
Oct 10 13:55:37 firewall kernel: [UFW BLOCK] IN=eth0 SRC=203.0.113.50 DST=172.16.0.1 PROTO=UDP
Oct 10 13:55:38 firewall kernel: [UFW BLOCK] IN=eth0 SRC=198.51.100.75 DST=192.0.2.1 PROTO=TCP DPT=22
# Allowed connections
Oct 10 13:55:39 firewall kernel: [UFW ALLOW] IN=eth0 SRC=10.0.0.50 DST=10.0.0.1 PROTO=TCP
Oct 10 13:55:40 firewall kernel: [UFW ALLOW] IN=eth0 SRC=172.31.0.100 DST=172.31.255.1 PROTO=TCP
# Port scan detection
Oct 10 13:55:41 firewall kernel: Port scan detected from 192.0.2.99 - 50 connection attempts
Oct 10 13:55:42 firewall kernel: Multiple failed login attempts from 198.18.0.55
# DDOS protection
Oct 10 13:55:43 firewall kernel: Rate limit exceeded for 66.249.66.1 (1000 req/min)
Oct 10 13:55:44 firewall kernel: Blocking subnet 203.0.113.0/24 due to suspicious activity
# IPv6 firewall events
Oct 10 13:55:45 firewall kernel: [UFW BLOCK] SRC=2001:0db8::100 DST=2001:0db8::1 PROTO=TCP
Oct 10 13:55:46 firewall kernel: [UFW ALLOW] SRC=fe80::1 DST=fe80::2 PROTO=ICMPv6
Oct 10 13:55:47 firewall kernel: Blocking 2001:4860::/32 - potential botnet
# VPN connections
Oct 10 13:55:48 firewall vpn[1234]: User john connected from 198.51.100.50
Oct 10 13:55:49 firewall vpn[1234]: User jane connected from 192.168.88.99
Oct 10 13:55:50 firewall vpn[1234]: User admin connected from 10.20.30.40
# Intrusion detection
Oct 10 13:55:51 firewall ids: SQL injection attempt from 93.184.216.34
Oct 10 13:55:52 firewall ids: XSS attack detected from 172.16.0.200
Oct 10 13:55:53 firewall ids: Brute force detected from 192.0.2.150 (1000 attempts)
# GeoIP blocks
Oct 10 13:55:54 firewall geoip: Blocked connection from 5.188.62.128 (RU)
Oct 10 13:55:55 firewall geoip: Blocked connection from 45.142.212.70 (DE)
Oct 10 13:55:56 firewall geoip: Blocked connection from 103.230.104.50 (IN)📝 Journaux de Conteneur Docker
🟢 simple
Journaux de conteneur Docker avec des informations réseau
# Docker Container Logs Sample
# Copy any section below to test the IP Address Extractor
# Web server container
docker-app-1 | 2024-10-10 13:55:36 INFO Starting server on 0.0.0.0:8000
docker-app-1 | 2024-10-10 13:55:37 INFO Request from 192.168.1.50: GET /api/health
docker-app-1 | 2024-10-10 13:55:38 INFO Request from 10.0.0.100: GET /api/users
docker-app-1 | 2024-10-10 13:55:39 INFO Request from 172.16.0.200: POST /api/login
docker-app-1 | 2024-10-10 13:55:40 INFO Response 200 to 203.0.113.75
# Database container
docker-db-1 | 2024-10-10 13:55:41 INFO Connection from 192.168.1.100:5432 accepted
docker-db-1 | 2024-10-10 13:55:42 INFO Query from 10.0.0.50 completed in 5ms
docker-db-1 | 2024-10-10 13:55:43 WARNING Slow query from 198.51.100.88 (1500ms)
docker-db-1 | 2024-10-10 13:55:44 INFO Connection from 172.31.0.100 closed
# Redis container
docker-redis-1 | 2024-10-10 13:55:45 INFO Accepted 192.0.2.55:6379
docker-redis-1 | 2024-10-10 13:55:46 INFO Command from 198.18.0.100: GET cache:key
docker-redis-1 | 2024-10-10 13:55:47 INFO Expired 1000 keys requested by 10.255.255.255
# NGINX reverse proxy
docker-nginx-1 | 2024-10-10 13:55:48 INFO Upstream response from 192.168.100.50: 200
docker-nginx-1 | 2024-10-10 13:55:49 INFO Forwarding request from 203.0.113.99 to backend
docker-nginx-1 | 2024-10-10 13:55:50 INFO Client 198.51.100.200 requested /api/v2/data
docker-nginx-1 | 2024-10-10 13:55:51 INFO Rate limiting applied to 66.249.66.1
# Docker network events
docker-network | 2024-10-10 13:55:52 INFO Container app-1 joined network bridge (IP: 172.17.0.5)
docker-network | 2024-10-10 13:55:53 INFO Container db-1 joined network bridge (IP: 172.17.0.6)
docker-network | 2024-10-10 13:55:54 INFO Container redis-1 joined network bridge (IP: 172.17.0.7)
# IPv6 in Docker
docker-app-1 | 2024-10-10 13:55:55 INFO Request from fe80::1: GET /api/status
docker-app-1 | 2024-10-10 13:55:56 INFO Request from 2001:db8::100: POST /api/data
docker-app-1 | 2024-10-10 13:55:57 INFO Response to 2001:4860::1: 200 OK
# Docker health checks
docker-health | 2024-10-10 13:55:58 INFO Checking 127.0.0.1:8080/health
docker-health | 2024-10-10 13:55:59 INFO Checking 192.168.1.1:3306/ping
docker-health | 2024-10-10 13:56:00 INFO All containers healthy📝 Journaux d'Infrastructure Cloud
🟢 simple
Journaux cloud AWS/Azure/GCP avec adresses IP
# Cloud Infrastructure Logs Sample
# Copy any section below to test the IP Address Extractor
# AWS CloudFront
2024-10-10T13:55:36 EDGE123 123456789012 2001:0db8:85a3::8a2e GET /video/stream.m3u8 200 123456789 https://example.com/ Mozilla/5.0
2024-10-10T13:55:37 EDGE456 123456789012 203.0.113.50 GET /api/data 200 987654321 https://app.example.com/ curl/7.68.0
2024-10-10T13:55:38 EDGE789 123456789012 198.51.100.75 POST /api/submit 201 456123789 https://example.com/form Mozilla/5.0
# AWS ELB Access Logs
2024-10-10T13:55:39 ELB-APP 10.0.1.100:80 192.168.1.50:54321 0.000025 200 200 0 1234 "GET /api HTTP/1.1"
2024-10-10T13:55:40 ELB-APP 10.0.1.100:80 172.16.0.200:54322 0.000030 200 200 0 5678 "POST /login HTTP/1.1"
2024-10-10T13:55:41 ELB-APP 10.0.1.100:80 198.18.0.55:54323 0.000028 503 503 0 890 "GET /api HTTP/1.1"
# AWS VPC Flow Logs
2 123456789012 eni-12345678 10.0.0.100 192.168.1.50 443 54321 6 1234 1623456732 ACCEPT OK
2 123456789012 eni-12345678 172.16.0.200 10.0.0.100 80 54322 6 5678 1623456733 ACCEPT OK
2 123456789012 eni-12345678 198.51.100.75 10.0.0.100 22 54323 6 890 1623456734 REJECT OK
# Azure Application Gateway
2024-10-10T13:55:42 WSG_v1 APP_GW 10.1.0.100 203.0.113.99 - 80 - GET /api/v2/data HTTP/1.1 200 0 1234 5678 Mozilla/5.0
2024-10-10T13:55:43 WSG_v1 APP_GW 10.1.0.100 198.51.100.200 - 443 - POST /api/submit HTTP/1.1 201 0 5678 8901 curl/7.68.0
2024-10-10T13:55:44 WSG_v1 APP_GW 10.1.0.100 66.249.66.1 - 80 - GET /robots.txt HTTP/1.1 200 0 78 901 Googlebot/2.1
# GCP Cloud Load Balancing
2024-10-10T13:55:45 10.150.0.1 2001:0db8::100 - - 443 GET /api/resource HTTP/2 200 0 0.001 1234 "Mozilla/5.0"
2024-10-10T13:55:46 10.150.0.1 192.0.2.55 - - 443 POST /api/upload HTTP/2 201 0 0.002 5678 "curl/7.68.0"
2024-10-10T13:55:47 10.150.0.1 fe80::2a1:cbff:fe80:1d2 - - 80 GET /health HTTP/1.1 200 0 0.000 45 "kube-probe/1.0"
# CloudWatch Logs
2024/10/10 13:55:48 [INFO] Lambda function invoked from IP: 192.168.1.100
2024/10/10 13:55:49 [INFO] S3 event from 10.0.0.50 - PutObject bucket:data/file.txt
2024/10/10 13:55:50 [ERROR] Connection timeout to 172.31.0.100:5432
2024/10/10 13:55:51 [WARN] Unusual traffic from 198.18.0.200 - 1000 requests/minute
# Kubernetes logs
kube-system 2024-10-10T13:55:52.123456789Z pod/nginx-ingress-controller Request from 10.244.0.5: GET /api
kube-system 2024-10-10T13:55:53.123456789Z pod/nginx-ingress-controller Forwarding to 10.244.1.50:8080
kube-system 2024-10-10T13:55:54.123456789Z pod/coredns Response to 192.168.100.50: A example.com -> 1.2.3.4
# EC2 instance metadata
2024-10-10 13:55:55 [ec2-instance] Public IP: 54.123.45.67, Private IP: 10.0.1.100
2024-10-10 13:55:56 [ec2-instance] Public IP: 203.0.113.99, Private IP: 172.31.0.50
2024-10-10 13:55:57 [ec2-instance] Public IP: 198.51.100.200, Private IP: 10.255.255.255📝 Formats IP Mixtes
🟡 intermediate
Divers formats d'adresses IP y compris les cas limites
# Mixed IP Formats Sample
# Copy any section below to test the IP Address Extractor
# Standard IPv4 addresses
192.168.1.1
10.0.0.1
172.16.0.1
203.0.113.42
198.51.100.99
# IPv4 with port numbers
192.168.1.1:8080
10.0.0.1:443
172.16.0.1:22
127.0.0.1:3000
# IPv6 addresses
2001:0db8:85a3::8a2e:0370:7334
fe80::1
2001:4860:4860::8888
::1
2001:db8::8a2e:370:7334
# IPv6 with port numbers
[2001:0db8::1]:80
[fe80::1]:443
[::1]:3000
[2001:4860::8888]:8080
# IP ranges in CIDR notation
192.168.1.0/24
10.0.0.0/8
172.16.0.0/12
203.0.113.0/24
# IPv6 CIDR
2001:db8::/32
fe80::/10
::1/128
# Private IP ranges
10.0.0.1
10.255.255.255
172.16.0.1
172.31.255.255
192.168.0.1
192.168.255.255
# Reserved/documentation IPs
192.0.2.1
198.51.100.1
203.0.113.1
198.18.0.1
# Loopback addresses
127.0.0.1
127.0.0.1:8080
::1
# Broadcast addresses
192.168.1.255
10.255.255.255
# Network addresses
192.168.1.0
10.0.0.0
# Compressed IPv6
2001:db8::1
2001:db8:85a3::8a2e:370:7334
fe80::2a1:cbff:fe80:1d2
# IPv6 with IPv4 embedded (not recommended but exists)
::ffff:192.168.1.1
::ffff:10.0.0.1
# IP in URLs
https://192.168.1.1/admin
http://10.0.0.1:8080/api
https://[2001:db8::1]:443/secure
ftp://172.16.0.1/files
# IPs in text content
Server running on 192.168.1.100, please connect from your local machine at 10.0.0.50
Database available at 172.31.0.100:5432, username: admin
API endpoint: https://api.example.com (resolves to 1.2.3.4)
# IPs with unusual formatting
192 .168.1.1
192.168. 1.1
192.168.1.1
192.168.001.001
# Edge cases - not valid IPs but may appear
999.999.999.999
256.256.256.256
192.168.1
192.168.1.1.1
# IPs in JSON
{"server_ip": "192.168.1.100", "port": 8080}
{"client_ip": "10.0.0.50", "allowed": true}
{"ipv6": "2001:db8::1"}
# IPs in key-value pairs
server_address=192.168.1.100
client_ip=10.0.0.50
database_host=172.16.0.1
# Log timestamps that look like IPs (edge case)
2024.10.10.13.55.36
10/Oct/2024:13:55:37