This should show how many unique IP addresses a given email address has been accessed over. Grep "A=courier_login" /var/log/exim_mainlog | sed -e 's#H=.* \:*#' | awk '' Use the awk command with an if statement so that if the $1st column has a count higher than 1 it prints out the total line. But that's OK because really you just want whatever is in its place, so this will suffice: Matched IP addresses can be extracted from a file using grep command. Since you haven't put this actual address in, it cannot be searched for in the sample data. The following regular expressions match IPv4 addresses. But if not, you'll have to write a regex to parse the line. If, for example, the specification says that none of these fields may contain whitespace, it may turn out that LanX's suggestion of split may be enough. The way I would suggest approaching this is to see if you can find out more specifications about the fields - in particular, whether any of the date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip fields may contain whitespace, and if they can, how they might be delimited, etc. For example, if you assumed that the regex I showed will always match twice per line, and then your log file happens to contain an IP address in the cs-uri-stem cs-uri-query fields, and/or a hostname in one of the s-ip c-ip fields, code based on this assumption will break. Sorry, but what you have told us so far is still not enough information to build a robust parser. Hippo's reply hopefully makes clear: the sample input you have shown appears to still not really be representative of real-world data, because I assume there is a chance that the " s-port" may not always be 443, and the user agent is unlikely to always start with curl, etc. Re^3: How to grep matching IP address from a log file? One of it is my source IP, the other is the IP addresses I want to extract.Ĭ-ip being the IP address I want to extract Re^2: How to grep matching IP address from a log file?Īs you have mentioned, there will be 2 Ip addresses per line. Also, note that with your current regex, you're just matching the first digits of an IP address, and you may get false positives. In the code you posted, you are reading the entire file into an array, which is a bit wasteful, and it'd probably be better if you used a regular while () loop instead, like what I showed above and as is explained in e.g. Have a look at this for some advice on designing regexes. All I can say is that if you only want to match one IP per line, you can replace the inner while loop with a single if. your input isn't representative, so we can't really help there. Also, if that's the case, you haven't shown what the actual lines look like, i.e. If you don't want that, you need to extend the regex to match the surrounding parts of the line. If this is an actual IP address, then that will be matched too. #Note that I only want to grep IP addresses (192.168.1.1-3) that are i +n the same netmask specified in $matcher
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |