I need some help with Grep
Hello,
I am trying to read through my flooded firewall logs. So far the majority of my log is filled with 192.168.1.23,138 -> <my gateway> Very annoying and preventing the logging of this sort of traffic is another story. As for now, I want to know how to sort through this firewall log and pick out only the IPs that do not start with 192. So far I have, awk '/ / {print $6}' ./firewall.log | grep "192*" --outputs---- 192.168.1.23,138 192.168.1.23,138 192.168.1.23,138 .... ------------- which gives me the undesired list of hundreds of 192 ips. (The IP is by itself in field 6) now there has to be an easy way to display only the ips in field 6 that do not start with 192? Thanks everyone! |
Something like
awk '$6 !~ /^192\./ ' firewall.log maybe? Cheers, Tink |
I assume the mysterious looking awk command works, but for future reference the grep option is -v for --invert-match.
|
Heh. What is mysterious about the awk command? :}
If Code:
'$6 Code:
!~ Code:
/^192\./ print the line (awks default action). Cheers, Tink |
And I always thought "awk" was the call of a Channel-billed Cuckoo :)
|
Quote:
the programmers, Aho, Weinberger & Kerninghan. They might as well have named it wak, or kaw, or something less easily pronounced like wka :} Cheers, Tink |
so it's not short for awkward then?... I've been misled... ;)
|
Hehe. No, it's misspelt short for awkesome :}
awk rocks. Small, clear, lightweight. Often quite suitable for tasks that other may think a perl-thing. Cheers, Tink |
All times are GMT -5. The time now is 01:12 AM. |