LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-30-2014, 01:14 PM   #1
skoda
Member
 
Registered: Jun 2013
Posts: 111

Rep: Reputation: Disabled
Using two greps in same line


Hello,

is this a valid statement?

Quote:
cat /usr/local/cpanel/logs/session_log | grep "NEW .*app=cpaneld" | grep xxx.xxx.xxx.xxxx.
*xxx are ip octets

but it produces the result expected.
 
Old 07-30-2014, 01:16 PM   #2
Spatior
Member
 
Registered: Jun 2009
Location: México
Distribution: Suse, Debian based, CentOs
Posts: 48

Rep: Reputation: 10
Hi skoda,

sure is a valid expression, althoug some may say it's not efficient, but that depends on how much data you are greping.

question:
you are getting the data you need? i got confused in your last statement
 
Old 07-30-2014, 01:17 PM   #3
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 3,774
Blog Entries: 1

Rep: Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339
Looks fine, except for the additional x in your final ip address octet, and the useless use of cat.

Code:
grep "NEW .*app=cpaneld" /usr/local/cpanel/logs/session_log | grep xxx.xxx.xxx.xxx
or if you don't mind the mess:

Code:
grep "NEW .*xxx.xxx.xxx.xxx.*app=cpaneld" /usr/local/cpanel/logs/session_log

Last edited by szboardstretcher; 07-30-2014 at 01:31 PM.
 
Old 07-30-2014, 01:28 PM   #4
skoda
Member
 
Registered: Jun 2013
Posts: 111

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by szboardstretcher View Post
Looks fine, except for the additional x in your final ip address octet, and the useless use of cat.

Code:
grep "NEW .*app=cpaneld" /usr/local/cpanel/logs/session_log | grep xxx.xxx.xxx.xxx
Hai zsb...

Quote:
grep xxx.xxx.xxx.xxxx.
this actually represent an ip address of a hacker. just wanna know how many cpanel accounts he accessed.

thanks for the comment btw.

---------- Post added 07-30-14 at 12:29 PM ----------

Quote:
Originally Posted by szboardstretcher View Post
Looks fine, except for the additional x in your final ip address octet, and the useless use of cat.

Code:
grep "NEW .*app=cpaneld" /usr/local/cpanel/logs/session_log | grep xxx.xxx.xxx.xxx
Thanks for the verification.
 
Old 07-30-2014, 01:33 PM   #5
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 3,774
Blog Entries: 1

Rep: Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339Reputation: 1339
If this is a hacker,. very first thing to do is remove the box from the network. Then go through your backup/restore, root-cause, fix/patch/update, verification routine before putting it back in service.

You can head over to http://www.linuxquestions.org/questi...ux-security-4/ for help root-causing the attack vector and getting advice. Unspawn is the moderator there and he knows his stuff. Check his stickies out on the subject.

Last edited by szboardstretcher; 07-30-2014 at 01:35 PM.
 
Old 07-30-2014, 01:35 PM   #6
skoda
Member
 
Registered: Jun 2013
Posts: 111

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by szboardstretcher View Post
If this is a hacker,. very first thing to do is remove the box from the network. Then go through your backup/restore, root-cause, fix/patch/update, verification routine before putting it back in service.

You can head over to http://www.linuxquestions.org/questi...ux-security-4/ for help root-causing the attack vector and getting advice. Unspawn is the moderator there and he knows his stuff. Check his stickies out on the subject.
undestood!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Insert line using sed or awk at line using line number as variable sunilsagar Programming 11 02-03-2012 11:48 AM
[SOLVED] [bash] 25,000 greps - better solution? hashbang#! Programming 23 11-09-2010 05:14 PM
php - Read file line by line and change a specific line. anrea Programming 2 01-28-2007 02:43 PM


All times are GMT -5. The time now is 02:30 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration