|
sed problems
The problem is that I fail to understand how to use sed :)
Here is what I'm trying to do. A file full of iptables log entry like this Code:
Apr 9 18:32:16 feddesk kernel: IN=eth0 OUT= MAC=00:0c:29:d1:7f:b3:00:1b:2f:75:c4:32:08:00 SRC=128.59.14.106 DST=192.168.0.7 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=1454 DF PROTO=TCP SPT=56918 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0Any help appreciated :) |
You could use sed... awk... perl... or cut even for this pretty much--
Code:
sed 's/.*SRC=\([0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\).*/\1/' filename.txt > ip.listCode:
cat log | cut -f10 -d' ' | cut -f2 -d= > ip.listEdit: In retrospect a brief explanation-- Code:
sed 's/.*SRC=\([0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\).*/\1/' filename.txt > ip.listanything preceeding "SRC=" group four number sets between 1 and 3 chars long separated by a . followed by anything display the first grouping found, input file: filename.txt, redirect stdout to ip.list |
What is it that you do not understand?
Here is my favorite SED tutorial: http://www.grymoire.com/Unix/Sed.html |
gawk solution
Hi
If you don't mind using gawk the following command should do Code:
gawk '{print $9}' logfile | cut -b 5- >> IPlist-Cheers indiajoe |
Thanks all for the help, much appreciated. I'm on the way to getting to grips with it now with these examples and that tutorial.
|
(g)awk doesn't require the cut:
Code:
awk '{sub(/SRC=/,"");print $9}' logfile >> IPlist |
If you can presume that much, this should work
Code:
sed -n -r 's/.*SRC=([^[:space]]).*/\1/p' |
| All times are GMT -5. The time now is 06:59 AM. |