Need help with grep syntax and reg exp
I have been banging my head against this for a few days. I don't know much about regular expressions and my original thought was just to use grep to take the content below and show a few key facts from it.
So from this jumbled mess (an SNMP trap converted to syslog):
Kiwi_Syslog_Daemon Original Address=10.1.1.1 community="kiwisyslog", enterprise=126.96.36.199.188.8.131.52.383.0.1, enterprise_mib_name=ciscoCidsAlert, uptime=434027636, agent_ip=10.1.1.2, version=Ver2, 184.108.40.206.220.127.116.11.318.104.22.168=1193860087813417372, cidsGeneralEventId=1193860087813417372, 22.214.171.124.126.96.36.199.3188.8.131.52="Hex String=07 D8 01 08 09 16 24 00", cidsGeneralLocalTime="Hex String=07 D8 01 08 09 16 24 00", 184.108.40.206.220.127.116.11.318.104.22.168="Hex String=07 D8 01 08 0F 16 24 00", cidsGeneralUTCTime="Hex String=07 D8 01 08 0F 16 24 00", 22.214.171.124.126.96.36.199.3188.8.131.52=ciscoasaIPS, cidsGeneralOriginatorHostId=ciscoasaIPS, 184.108.40.206.220.127.116.11.318.104.22.168=low, cidsAlertSeverity=low, 22.214.171.124.126.96.36.199.3188.8.131.52=2147483648, cidsAlertAlarmTraits=2147483648, 184.108.40.206.220.127.116.11.318.104.22.168="ICMP Network Sweep w/Echo", cidsAlertSignatureSigName="ICMP Network Sweep w/Echo", 22.214.171.124.126.96.36.199.3188.8.131.52=2100, cidsAlertSignatureSigId=2100, 184.108.40.206.220.127.116.11.318.104.22.168=0, cidsAlertSignatureSubSigId=0, 22.214.171.124.126.96.36.199.3188.8.131.52=S2, cidsAlertSignatureVersion=S2, 184.108.40.206.220.127.116.11.318.104.22.168=0, c...
to something like this?
10.201.103.3 2100 low ICMP Network Sweep w/Echo
So basically taking this out of it and creating a string of output, but without the syntax to grep the stuff out I'm lost...
cidsAlertSignatureSigName="ICMP Network Sweep w/Echo"
I have looked at snmptt for this, but really the specific need here is so basic that I would like to do it this way; also, I'm really hoping to figure this out as a learning experience. I have tried grepping the file for things like $agent_ip (it just does nothing) and agent_ip (it returns the whole thing as output). Any ideas?
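An added example, not part of the original post: one way to build the requested summary line with `grep -o`, which prints only the matched text where plain `grep` prints the whole matching line, followed by `sed` to strip the key and quotes. The sample line is a constructed, shortened copy of the trap above, the function names are hypothetical, and the first output column is assumed to be the `agent_ip` value.

```shell
#!/bin/sh
# Constructed sample: the trap from the post, reduced to its named fields.
SAMPLE='Kiwi_Syslog_Daemon Original Address=10.1.1.1 community="kiwisyslog", enterprise_mib_name=ciscoCidsAlert, uptime=434027636, agent_ip=10.1.1.2, version=Ver2, cidsGeneralOriginatorHostId=ciscoasaIPS, cidsAlertSeverity=low, cidsAlertAlarmTraits=2147483648, cidsAlertSignatureSigName="ICMP Network Sweep w/Echo", cidsAlertSignatureSigId=2100, cidsAlertSignatureSubSigId=0'

# get_field NAME LINE
# Print the value of NAME=value or NAME="quoted value" found in LINE.
get_field() {
    # (^|[ ,]) requires the key to start a field, so a longer key that
    # merely ends in NAME is not matched.
    # The value is either a double-quoted string or everything up to the
    # next comma. grep -o emits only the matched part of the line.
    printf '%s\n' "$2" |
        grep -oE "(^|[ ,])$1=(\"[^\"]*\"|[^,]*)" |
        head -n 1 |
        sed -e 's/^[^=]*=//' -e 's/^"//' -e 's/"$//'
}

# summarize_alert LINE
# Print "agent_ip sig_id severity sig_name"; return 1 for non-alert lines.
summarize_alert() {
    ip=$(get_field agent_ip "$1")
    sig_id=$(get_field cidsAlertSignatureSigId "$1")
    sev=$(get_field cidsAlertSeverity "$1")
    name=$(get_field cidsAlertSignatureSigName "$1")
    # A line without a signature id is not an IPS alert; skip it.
    [ -n "$sig_id" ] || return 1
    printf '%s %s %s %s\n' "$ip" "$sig_id" "$sev" "$name"
}

# summarize_file PATH
# Summarize every alert line in a syslog file, ignoring other lines.
summarize_file() {
    while IFS= read -r line; do
        summarize_alert "$line" || true
    done < "$1"
}

summarize_alert "$SAMPLE"
```

Searching for `$agent_ip` finds nothing because the field name in the file has no `$`; unquoted, the shell also expands it as an (empty) variable before grep ever sees it.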