AWK script
I am by no means a programmer but I would love to learn. Problem is, I have a real problem that needs a script ASAP.
I need to write a script that can parse a logfile and pull out unique IP addresses from the source address column and create a file with the name of the IP address as the filename. Then, when a destination IP address matches the source address of a file, it appends that unique destination address and port to that file.
So what I'm trying to do is create a file for each infected computer and append inside that file all the hosts they are trying to infect.
Here is a snippet of the logfile.
-----------------------------------------------------------------------
2007-08-30 11:31:52,Syslog.Info,10.254.5.164,"26838: Aug 30 11:31:50: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.5.167.246(4086) -> 10.184.232.130(1433), 1 packet"
2007-08-30 11:31:52,Syslog.Info,10.254.6.24,"432042: pik-router: Aug 30 11:31:52: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.253.220.42(1509) -> 10.25.50.154(1433), 1 packet"
2007-08-30 11:31:52,Syslog.Info,10.254.3.176,"492962: lco-router: Aug 30 11:31:52: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.3.179.232(2661) -> 10.45.253.12(1433), 1 packet"
2007-08-30 11:31:52,Syslog.Info,10.254.5.240,"4841: .Aug 30 11:31:52: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.253.218.171(1532) -> 10.246.248.36(1433), 1 packet"
2007-08-30 11:31:52,Syslog.Info,10.254.5.240,"4842: .Aug 30 11:31:53: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.253.218.171(1564) -> 10.25.5.144(1433), 1 packet"
2007-08-30 11:31:52,Syslog.Info,172.20.7.13,"495539: ba2-router: Aug 30 11:31:52: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.253.221.172(2346) -> 10.30.165.137(445), 1 packet"
2007-08-30 11:31:52,Syslog.Info,10.254.0.244,"473266: nac-router: Aug 30 11:31:52: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.0.247.183(3230) -> 10.155.217.188(1433), 1 packet"
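One way to do that split, as an added example that is not the poster's own script: it assumes a POSIX awk and the Cisco %SEC-6-IPACCESSLOGP line shape shown in the snippet ("src(port) -> dst(port)"), writes one file per source IP under an output directory, and appends each destination IP and port to that file once. The sample lines it writes for its own demo run are constructed from the snippet.

```sh
#!/bin/sh
# Added example, not the original poster's script. Splits the Cisco
# %SEC-6-IPACCESSLOGP lines shown above into one file per source IP;
# each line written is "<destination IP> <destination port>".

# split_by_source LOGFILE OUTDIR
split_by_source() {
    logfile=$1
    outdir=$2
    mkdir -p "$outdir"
    awk -v outdir="$outdir" '
    # Only lines in the "src(port) -> dst(port)" shape are of interest
    /IPACCESSLOGP/ && match($0, /[0-9.]+\([0-9]+\) -> [0-9.]+\([0-9]+\)/) {
        pair = substr($0, RSTART, RLENGTH)   # 10.5.167.246(4086) -> 10.184.232.130(1433)
        if (split(pair, side, / -> /) != 2) next
        src = side[1]; sub(/\(.*$/, "", src)             # drop "(port)" from the source
        dst = side[2]; sub(/\(.*$/, "", dst)             # destination IP
        dport = side[2]; sub(/^.*\(/, "", dport); sub(/\)$/, "", dport)
        key = src SUBSEP dst SUBSEP dport
        if (key in seen) next                             # append each dst:port once per source
        seen[key] = 1
        file = outdir "/" src
        print dst, dport >> file
        close(file)                                       # do not exhaust open file handles
    }' "$logfile"
}

# write_sample_log PATH: constructed lines in the format from the question
# (the last one repeats a destination so the dedup is visible)
write_sample_log() {
    cat > "$1" <<'EOF'
2007-08-30 11:31:52,Syslog.Info,10.254.5.164,"26838: Aug 30 11:31:50: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.5.167.246(4086) -> 10.184.232.130(1433), 1 packet"
2007-08-30 11:31:52,Syslog.Info,10.254.5.240,"4841: .Aug 30 11:31:52: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.253.218.171(1532) -> 10.246.248.36(1433), 1 packet"
2007-08-30 11:31:52,Syslog.Info,10.254.5.240,"4842: .Aug 30 11:31:53: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.253.218.171(1564) -> 10.25.5.144(1433), 1 packet"
2007-08-30 11:31:52,Syslog.Info,10.254.5.240,"4843: .Aug 30 11:31:53: %SEC-6-IPACCESSLOGP: list 199 denied tcp 10.253.218.171(1570) -> 10.25.5.144(1433), 1 packet"
EOF
}

# Demo on the constructed sample; files land in a fresh temporary directory
demo_dir=$(mktemp -d)
write_sample_log "$demo_dir/sample.log"
split_by_source "$demo_dir/sample.log" "$demo_dir/by_source"
ls "$demo_dir/by_source"
```

Run it against the real logfile with `split_by_source /path/to/logfile ./by_source`; every file under `./by_source` is named for one source IP and lists the hosts and ports it was seen probing.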