LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-13-2011, 01:25 PM   #1
c0ld.3l3m3nt
LQ Newbie
 
Registered: Jan 2011
Location: Netherlands
Posts: 7

Rep: Reputation: 0
Using awk to clean up nmap output?


Wondering how to use awk to take nmap's output "Discovered open port 23/tcp on 192.168.0.4" and create a output of "192.168.0.4:23"?
 
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 01-13-2011, 02:02 PM   #2
pwc101
Senior Member
 
Registered: Oct 2005
Location: UK
Distribution: Slackware
Posts: 1,847

Rep: Reputation: 128Reputation: 128
Code:
nmap -args host | awk -F" |/" '/Discovered/ {print $NF":"$4}'

Last edited by pwc101; 01-13-2011 at 02:03 PM.
 
2 members found this post helpful.
Old 01-13-2011, 02:47 PM   #3
c0ld.3l3m3nt
LQ Newbie
 
Registered: Jan 2011
Location: Netherlands
Posts: 7

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by pwc101 View Post
Code:
nmap -args host | awk -F" |/" '/Discovered/ {print $NF":"$4}'
Thank you for this was helpful but is there way you can break down
Code:
awk -F" |/" '/Discovered/ {print $NF":"$4}'
and elaberate why I would use these commands? If not its ok just want to know why Id use this.
 
Old 01-13-2011, 02:52 PM   #4
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by c0ld.3l3m3nt View Post
Thank you for this was helpful but is there way you can break down
Code:
awk -F" |/" '/Discovered/ {print $NF":"$4}'
and elaberate why I would use these commands? If not its ok just want to know why Id use this.
Code:
-F" |/"
Define the field-separator to be either a space, or a slash.


Code:
/Discovered/
On any line that has the string Discovered in it ...

Code:
{print $NF":"$4}'
... print the last field, followed by a colon, and the fourth field.



Cheers,
Tink

Last edited by Tinkster; 01-13-2011 at 02:53 PM.
 
2 members found this post helpful.
Old 01-13-2011, 03:47 PM   #5
c0ld.3l3m3nt
LQ Newbie
 
Registered: Jan 2011
Location: Netherlands
Posts: 7

Original Poster
Rep: Reputation: 0
so to take this one step further I could do this?
Code:
nmap -v 192.168.0.0-255 -p 23 | grep open | awk -F" |/" '/Discovered/ {print $NF":"$4}' > /home/user/desktop/output.txt
so I get a output file?
 
Old 01-13-2011, 03:55 PM   #6
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Absolutely. You can re-direct anything to a file (just about; if the output were
on stderr rather than stdout you may need to use a 2>&1 w/ it).



Cheers,
Tink

Last edited by Tinkster; 01-13-2011 at 04:00 PM.
 
Old 01-13-2011, 04:02 PM   #7
pwc101
Senior Member
 
Registered: Oct 2005
Location: UK
Distribution: Slackware
Posts: 1,847

Rep: Reputation: 128Reputation: 128
Quote:
Originally Posted by c0ld.3l3m3nt View Post
so to take this one step further I could do this?
Code:
nmap -v 192.168.0.0-255 -p 23 | grep open | awk -F" |/" '/Discovered/ {print $NF":"$4}' > /home/user/desktop/output.txt
so I get a output file?
The grep and the /Discovered/ are doing the same job. You can either dispense with the grep (my preference) or take out the /Discovered/ from the awk command. Both are searching for matching patterns in the output of nmap. If it wasn't working with just the awk search, replace Discovered with open, and it should work.
 
Old 01-13-2011, 04:08 PM   #8
c0ld.3l3m3nt
LQ Newbie
 
Registered: Jan 2011
Location: Netherlands
Posts: 7

Original Poster
Rep: Reputation: 0
Code:
awk -F" |/" '/Discovered/ {print $NF":"$4}' input.txt > /home/user/desktop/output.txt
Also with just playing around found how I can fix already made txt lists to be filtered.. thanx again you guys you really helped me in the right direction!!
 
Old 01-13-2011, 04:09 PM   #9
pwc101
Senior Member
 
Registered: Oct 2005
Location: UK
Distribution: Slackware
Posts: 1,847

Rep: Reputation: 128Reputation: 128
Quote:
Originally Posted by c0ld.3l3m3nt View Post
Code:
awk -F" |/" '/Discovered/ {print $NF":"$4}' input.txt > /home/user/desktop/output.txt
Also with just playing around found how I can fix already made txt lists to be filtered.. thanx again you guys you really helped me in the right direction!!
To use an existing file, just supply it as an argument to awk:
Code:
awk '{print $1,$2}' somefile.txt > newfile.txt
That'll print the first and second columns of a file called somefile.txt to a new file called newfile.txt.
 
Old 01-13-2011, 04:16 PM   #10
c0ld.3l3m3nt
LQ Newbie
 
Registered: Jan 2011
Location: Netherlands
Posts: 7

Original Poster
Rep: Reputation: 0
ahh yah Im starting to understand it better you guys really helped opened the door to understanding awk better.. thank you alot
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
awk does not > output Alkass Programming 4 04-25-2010 05:10 PM
generate xml from nmap output shourya21 Linux - Newbie 1 01-24-2008 08:54 AM
Awk Output kalyanofb Programming 4 02-02-2007 02:23 AM
Could someone please explain this nmap output? stardotstar Linux - Networking 0 02-07-2005 10:02 PM
Is this site secure (nmap output)? Erik Thorsson Linux - Security 14 10-24-2004 02:44 PM


All times are GMT -5. The time now is 12:37 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration