Need help with grep syntax and reg exp
I have been banging my head against this for a few days. I don't know much about regular expressions and my original thought was just to use grep to take the content below and show a few key facts from it.
So from this jumbled mess (an SNMP trap converted to syslog):
Kiwi_Syslog_Daemon Original Address=10.1.1.1 community="kiwisyslog", enterprise=18.104.22.168.22.214.171.124.383.0.1, enterprise_mib_name=ciscoCidsAlert, uptime=434027636, agent_ip=10.1.1.2, version=Ver2, 126.96.36.199.188.8.131.52.3184.108.40.206=1193860087813417372, cidsGeneralEventId=1193860087813417372, 220.127.116.11.18.104.22.168.322.214.171.124="Hex String=07 D8 01 08 09 16 24 00", cidsGeneralLocalTime="Hex String=07 D8 01 08 09 16 24 00", 126.96.36.199.188.8.131.52.3184.108.40.206="Hex String=07 D8 01 08 0F 16 24 00", cidsGeneralUTCTime="Hex String=07 D8 01 08 0F 16 24 00", 220.127.116.11.18.104.22.168.322.214.171.124=ciscoasaIPS, cidsGeneralOriginatorHostId=ciscoasaIPS, 126.96.36.199.188.8.131.52.3184.108.40.206=low, cidsAlertSeverity=low, 220.127.116.11.18.104.22.168.322.214.171.124=2147483648, cidsAlertAlarmTraits=2147483648, 126.96.36.199.188.8.131.52.3184.108.40.206="ICMP Network Sweep w/Echo", cidsAlertSignatureSigName="ICMP Network Sweep w/Echo", 220.127.116.11.18.104.22.168.322.214.171.124=2100, cidsAlertSignatureSigId=2100, 126.96.36.199.188.8.131.52.3184.108.40.206=0, cidsAlertSignatureSubSigId=0, 220.127.116.11.18.104.22.168.322.214.171.124=S2, cidsAlertSignatureVersion=S2, 126.96.36.199.188.8.131.52.3184.108.40.206=0, c...
to something like this?
10.201.103.3 2100 low ICMP Network Sweep w/Echo
So basically taking this out of it and creating a string of output, but without the syntax to grep the stuff out I'm lost...
cidsAlertSignatureSigName="ICMP Network Sweep w/Echo"
I have looked at snmptt for this, and really the specific need here is so basic that I would like to do it this way; also, I'm really hoping to figure this out as a learning experience. I have tried grepping the file for things like $agent_ip (it just does nothing) and agent_ip (it returns the whole thing as output). Any ideas?
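An added example, not part of the original post: one way to pull the four values out of each converted trap with `grep -o` and `sed`. The helper names `field` and `cids_summary` are hypothetical, the sample line is a shortened copy constructed from the field names in the post, and the first output column is assumed to be `agent_ip`.

```shell
#!/bin/sh
# Added example: field() and cids_summary() are hypothetical helper names.

# Print the value of one key=value pair from the log line on stdin.
# grep prints the whole matching line by default; -o prints only the part
# that matched, so a plain `grep agent_ip` returns the entire trap.
# $1 must be a plain identifier (it is pasted into the regex unescaped).
field() {
    # Value is either "quoted text" or a bare token ending at a comma/space.
    grep -oE "(^|[ ,])$1=(\"[^\"]*\"|[^\", ]*)" |
        head -n 1 |
        sed -E "s/^[ ,]?$1=//; s/^\"//; s/\"\$//"
}

# For each trap on stdin print: agent_ip sig_id severity sig_name
cids_summary() {
    while IFS= read -r line; do
        # Skip syslog lines that are not IPS alert traps.
        case $line in
            *cidsAlertSignatureSigId=*) ;;
            *) continue ;;
        esac
        printf '%s %s %s %s\n' \
            "$(printf '%s\n' "$line" | field agent_ip)" \
            "$(printf '%s\n' "$line" | field cidsAlertSignatureSigId)" \
            "$(printf '%s\n' "$line" | field cidsAlertSeverity)" \
            "$(printf '%s\n' "$line" | field cidsAlertSignatureSigName)"
    done
}

# Constructed sample: a shortened version of the trap shown in the post.
SAMPLE='Kiwi_Syslog_Daemon Original Address=10.1.1.1 community="kiwisyslog", enterprise_mib_name=ciscoCidsAlert, agent_ip=10.1.1.2, version=Ver2, cidsAlertSeverity=low, cidsAlertSignatureSigName="ICMP Network Sweep w/Echo", cidsAlertSignatureSigId=2100, cidsAlertSignatureSubSigId=0'

printf '%s\n' "$SAMPLE" | cids_summary
```

To process a whole log, feed the file on stdin: `cids_summary < your_syslog_file`.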