Y'all;
I need to [ find | build ] a module that will return real-time status of hits on a rather large number of IP addresses. I am trying to check for all of the currently registered exit nodes from the TOR network. The number could range from nearly 1,000 to over 2,000 addresses.
I already have a process that will build a text file with the IP addresses in a sorted file. Now I'm looking for a module (or any other solution) that will watch the log files to see who is connecting from one of those addresses, and give me a real-time alert when it occurs.
Barring that, can anyone point me to a working shell for a module that I might be able to change to accomplish this? I have loads of programming experience, but 3 days of dealing with Splunk.
Thanks muchly,
Lee