Need help with grep syntax and reg exp
I have been banging my head against this for a few days. I don't know much about regular expressions and my original thought was just to use grep to take the content below and show a few key facts from it.
So from this jumbled mess (an SNMP trap converted to syslog):
Kiwi_Syslog_Daemon Original Address=10.1.1.1 community="kiwisyslog", enterprise=184.108.40.206.220.127.116.11.383.0.1, enterprise_mib_name=ciscoCidsAlert, uptime=434027636, agent_ip=10.1.1.2, version=Ver2, 18.104.22.168.22.214.171.124.3126.96.36.199=1193860087813417372, cidsGeneralEventId=1193860087813417372, 188.8.131.52.184.108.40.206.3220.127.116.11="Hex String=07 D8 01 08 09 16 24 00", cidsGeneralLocalTime="Hex String=07 D8 01 08 09 16 24 00", 18.104.22.168.22.214.171.124.3126.96.36.199="Hex String=07 D8 01 08 0F 16 24 00", cidsGeneralUTCTime="Hex String=07 D8 01 08 0F 16 24 00", 188.8.131.52.184.108.40.206.3220.127.116.11=ciscoasaIPS, cidsGeneralOriginatorHostId=ciscoasaIPS, 18.104.22.168.22.214.171.124.3126.96.36.199=low, cidsAlertSeverity=low, 188.8.131.52.184.108.40.206.3220.127.116.11=2147483648, cidsAlertAlarmTraits=2147483648, 18.104.22.168.22.214.171.124.3126.96.36.199="ICMP Network Sweep w/Echo", cidsAlertSignatureSigName="ICMP Network Sweep w/Echo", 188.8.131.52.184.108.40.206.3220.127.116.11=2100, cidsAlertSignatureSigId=2100, 18.104.22.168.22.214.171.124.3126.96.36.199=0, cidsAlertSignatureSubSigId=0, 188.8.131.52.184.108.40.206.3220.127.116.11=S2, cidsAlertSignatureVersion=S2, 18.104.22.168.22.214.171.124.3126.96.36.199=0, c...
to something like this?
10.201.103.3 2100 low ICMP Network Sweep w/Echo
So basically taking this out of it and creating a string of output, but without the syntax to grep the stuff out I'm lost...
cidsAlertSignatureSigName="ICMP Network Sweep w/Echo"
I have looked at snmptt for this, and really the specific need here is so basic I would like to do it this way; also, I'm really hoping to figure this out as a learning experience. I have tried grepping the file for things like $agent_ip (it just does nothing) and agent_ip (it returns the whole thing as output). Any ideas?
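An added example, not part of the original post: one way to pull the four fields out of such a line with `grep -o` and `sed`, run against a shortened, constructed copy of the trap line above. The function names `field` and `summarize` are made up for this illustration, and keys are assumed to contain only letters, digits and underscores.

```shell
#!/bin/sh
# Constructed sample: a shortened copy of the converted trap line in the post.
SAMPLE='Kiwi_Syslog_Daemon Original Address=10.1.1.1 community="kiwisyslog", agent_ip=10.1.1.2, version=Ver2, cidsAlertSeverity=low, cidsAlertSignatureSigName="ICMP Network Sweep w/Echo", cidsAlertSignatureSigId=2100, cidsAlertSignatureSubSigId=0'

# field KEY
# Reads text on stdin and prints the first value found for KEY, accepting
# both KEY=value and KEY="quoted value with spaces".
#  - grep prints whole matching lines by default, which is why a plain
#    "grep agent_ip" returns the entire trap; -o prints only the match.
#  - An unquoted or double-quoted $agent_ip is expanded by the shell as an
#    (empty) variable before grep runs, and inside single quotes "$" is the
#    end-of-line anchor, so neither form searches for the literal key.
#  - (^|[ ,]) anchors the key at a field boundary so a key that is the
#    tail of a longer key name is not matched by accident.
field() {
    key=$1
    grep -oE "(^|[ ,])${key}=(\"[^\"]*\"|[^\" ,][^ ,]*)" |
        sed -E "s/^[ ,]?${key}=//; s/^\"//; s/\"\$//" |
        head -n 1
}

# summarize
# Reads one converted trap per line on stdin and prints
# "agent_ip SigId severity SigName" for each.
summarize() {
    while IFS= read -r line; do
        ip=$(printf '%s\n' "$line" | field agent_ip)
        sig_id=$(printf '%s\n' "$line" | field cidsAlertSignatureSigId)
        sev=$(printf '%s\n' "$line" | field cidsAlertSeverity)
        name=$(printf '%s\n' "$line" | field cidsAlertSignatureSigName)
        printf '%s %s %s %s\n' "$ip" "$sig_id" "$sev" "$name"
    done
}

printf '%s\n' "$SAMPLE" | summarize
```

For a real log, feed the file to `summarize` on stdin instead of the sample; a line whose quoted value is cut off before the closing quote yields an empty field rather than a partial one.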