find repeating unknown value from different keys of subarrays in PHP

Time:03-13

I have an array like this. This is a connection log of some devices to the Internet.

Array
(
[0] => Array
(
[src_ip] => x
[src_port] => 48755
[dst_ip] => y
[dst_port] => 443
[device_id] => 22040

)

[1] => Array
(
[src_ip] => x
[src_port] => 48754
[dst_ip] => y
[dst_port] => 443
[device_id] => 22040
)

[2] => Array
(
[src_ip] => z
[src_port] => 443
[dst_ip] => x
[dst_port] => 54267
[device_id] => 22040

)... (more than 1000 rows!)

The source IP [src_ip] and destination IP [dst_ip] change their position based on the sending or receiving connection state. We don't know the current network state (sending/receiving), and we don't know the current IP of the device. The IP of the device is fixed, but sometimes it is placed in [src_ip] and sometimes in [dst_ip].

But we can see the repeated and continuous occurrence of an IP in either [src_ip] or [dst_ip] of all subarrays (rows), which shows us the IP of the communicating device. How can we find the IP of the device in this array using PHP? (The most repeated IP in the first 100 rows, for example.)

We cannot use an IP address range.

CodePudding user response:

You can extract the values using array_column, then count them using array_count_values, and finally use max to get the most used IPs.

An example:

<?php

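// $connections is the array from the question (one sub-array per logged connection).
$src = array_column($connections, 'src_ip');
$dst = array_column($connections, 'dst_ip');

// Count how often each IP occurs in either column.
$count = array_count_values(array_merge($src, $dst));
// All IPs that share the highest count (more than one entry on a tie).
$max = array_keys($count, max($count));

print_r($count);
print_r($max);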

CodePudding user response:

$data = [
    [ 'src_ip' => '5B---45A', 'src_port' => 48755, 'dst_ip' => '0A---223', 'dst_port' => 443, 'device_id' => 22040 ],
    [ 'src_ip' => '5B---45A', 'src_port' => 48754, 'dst_ip' => '0A---223', 'dst_port' => 443, 'device_id' => 22040 ],
    [ 'src_ip' => '11---D2B', 'src_port' => 443, 'dst_ip' => '5B---45A', 'dst_port' => 54267, 'device_id' => 22040 ],
    [ 'src_ip' => '11---D2B', 'src_port' => 443, 'dst_ip' => '5B---45A', 'dst_port' => 54267, 'device_id' => 22039 ],
    [ 'src_ip' => '11---D2B', 'src_port' => 443, 'dst_ip' => '0A---223', 'dst_port' => 54267, 'device_id' => 22040 ]
];

If device_id is irrelevant:

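// First 100 rows: the third argument of array_slice is a length, not an end index.
$section = array_slice($data, 0, 100);
// Count every IP seen in either column.
$result = array_count_values([ ...array_column($section, 'src_ip'), ...array_column($section, 'dst_ip') ]);
print_r($result);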

Output:

Array
(
     [5B---45A] => 4
     [11---D2B] => 3
     [0A---223] => 3
)

If device_id matters, first filter for it:

// Keep only the rows of one device, then take its first 100 rows.
$section = array_slice(array_filter($data, fn($item) => $item['device_id'] === 22040), 0, 100);
// Count every IP seen in either column.
$result = array_count_values([ ...array_column($section, 'src_ip'), ...array_column($section, 'dst_ip') ]);
print_r($result);

Output:

Array
(
     [5B---45A] => 3
     [11---D2B] => 2
     [0A---223] => 3
)
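
A per-device variant of the counting approach in the answers above, as an added example that is not part of either answer: it counts each IP once per row, groups by device_id, and returns null when the log cannot decide (a tie, or a leading IP seen in too few rows). The function name inferDeviceIps, the $minCoverage threshold and the sample rows are assumptions made for illustration.

```php
<?php
// Added example (not from the answers): infer each device's own IP per device_id.
// Assumption: a device's fixed IP is in src_ip or dst_ip of nearly every row it logs.
function inferDeviceIps(array $rows, int $sample = 100, float $minCoverage = 0.9): array
{
    $seen = [];  // device_id => rows sampled so far
    $hits = [];  // device_id => [ip => number of rows containing that ip]
    foreach ($rows as $r) {
        $id = $r['device_id'];
        if (($seen[$id] ?? 0) >= $sample) {
            continue;                       // the sample limit applies per device
        }
        $seen[$id] = ($seen[$id] ?? 0) + 1;
        // array_unique: a row whose src and dst are equal counts once
        foreach (array_unique([$r['src_ip'], $r['dst_ip']]) as $ip) {
            $hits[$id][$ip] = ($hits[$id][$ip] ?? 0) + 1;
        }
    }
    $result = [];
    foreach ($hits as $id => $counts) {
        arsort($counts);                    // most frequent IP first
        $ips      = array_keys($counts);
        $top      = $counts[$ips[0]];
        $second   = isset($ips[1]) ? $counts[$ips[1]] : 0;
        $coverage = $top / $seen[$id];      // share of sampled rows containing the leader
        // Reject a tie (device seen with one peer only) or a weak leader
        // (mixed devices, changed IP): in both cases the data cannot decide.
        $decided = $top > $second && $coverage >= $minCoverage;
        $result[$id] = ['ip' => $decided ? (string) $ips[0] : null, 'coverage' => $coverage];
    }
    return $result;
}

// Constructed sample rows using documentation address ranges.
$rows = [
    ['src_ip' => '192.0.2.10',   'src_port' => 48755, 'dst_ip' => '198.51.100.7', 'dst_port' => 443,   'device_id' => 22040],
    ['src_ip' => '192.0.2.10',   'src_port' => 48754, 'dst_ip' => '198.51.100.7', 'dst_port' => 443,   'device_id' => 22040],
    ['src_ip' => '203.0.113.5',  'src_port' => 443,   'dst_ip' => '192.0.2.10',   'dst_port' => 54267, 'device_id' => 22040],
    ['src_ip' => '192.0.2.20',   'src_port' => 40001, 'dst_ip' => '198.51.100.7', 'dst_port' => 443,   'device_id' => 22039],
    ['src_ip' => '198.51.100.7', 'src_port' => 443,   'dst_ip' => '192.0.2.20',   'dst_port' => 40001, 'device_id' => 22039],
];
print_r(inferDeviceIps($rows));
```

Device 22039 only ever talks to one peer in the sample, so both addresses appear in every row and the function reports null for it instead of guessing.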