I am trying to parse this syslog pulling out and logging results to a file. The information I want is: scrip, scrport, dstip, dstport. I just want the numbers, not including the text part ie srcip=". Problem is, the column locations change, so I can't use the nice awk $1 $2 etc to idenify the wanted data. I have read enough scripting posts that my head is spinning. It seems, everyones columns stay the same, hence my issue. Here is a snippit of the log file:
Notice that some lines have, outitf and others do not. Any help will be greatly apprciated. I want to stick with learning scripting, but this is driving me crazy.
Thanks again,
Bob
Moderator's Comments:
Please use code tags when posting data and code samples!
Last edited by vgersh99; 05-02-2011 at 02:23 PM..
Reason: code tags, please!
Hello,
I'm facing problem to extract fields from below syslog :
logver=56 idseq=63256900099118326 itime=1563205190 devid=FG-5KDTB18800138 devname=LAL-C1-FGT-03 vd=USER date=2019-07-15 time=18:39:49 logid="0000000013" type="traffic"
subtype="forward" level="notice" eventtime=1563205189... (17 Replies)
Discussion started by: arm
17 Replies
LEARN ABOUT SUSE
postlog
POSTLOG(1) General Commands Manual POSTLOG(1)NAME
postlog - Postfix-compatible logging utility
SYNOPSIS
postlog [-iv] [-c config_dir] [-p priority] [-t tag] [text...]
DESCRIPTION
The postlog(1) command implements a Postfix-compatible logging interface for use in, for example, shell scripts.
By default, postlog(1) logs the text given on the command line as one record. If no text is specified on the command line, postlog(1) reads
from standard input and logs each input line as one record.
Logging is sent to syslogd(8); when the standard error stream is connected to a terminal, logging is sent there as well.
The following options are implemented:
-c config_dir
Read the main.cf configuration file in the named directory instead of the default configuration directory.
-i Include the process ID in the logging tag.
-p priority
Specifies the logging severity: info (default), warn, error, fatal, or panic.
-t tag Specifies the logging tag, that is, the identifying name that appears at the beginning of each logging record. A default tag is used
when none is specified.
-v Enable verbose logging for debugging purposes. Multiple -v options make the software increasingly verbose.
ENVIRONMENT
MAIL_CONFIG
Directory with the main.cf file.
CONFIGURATION PARAMETERS
The following main.cf parameters are especially relevant to this program.
The text below provides only a parameter summary. See postconf(5) for more details including examples.
config_directory (see 'postconf -d' output)
The default location of the Postfix main.cf and master.cf configuration files.
syslog_facility (mail)
The syslog facility of Postfix logging.
syslog_name (see 'postconf -d' output)
The mail system name that is prepended to the process name in syslog records, so that "smtpd" becomes, for example, "postfix/smtpd".
SEE ALSO postconf(5), configuration parameters
syslogd(8), syslog daemon
LICENSE
The Secure Mailer license must be distributed with this software.
AUTHOR(S)
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
POSTLOG(1)
05-02-2011
