Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: [Solved] Look for strings and use variables
Top Forums Shell Programming and Scripting [Solved] Look for strings and use variables Post 302564610 by Benou on Friday 14th of October 2011 07:03:24 AM
Old 10-14-2011
[Solved] Look for strings and use variables
Hello guys,

First of all, thanks for taking the time to read my post.
So, here I have a file from my honeypot which record IP addresses and web pages visited. I would like to manipulate it in order to create Snort signatures and ACLs.
But I am having troubles to extract the src IP address and the web page visited from the following log: mylog.log
Code:
...
--MARK--,"Thu Oct 13 11:14:03 EDT 2011","webmin/HTTP","192.168.230.1","192.168.230.140",61176,80,
"GET /Webcam/webcam.html HTTP/1.1

Host: 192.168.230.140
Accept-Language: en
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Connection: Close
Date: Thu, 13 Oct 2011 15:14:02 GMT
Pragma: no-cache
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
",
--ENDMARK--
--MARK--,"Thu Oct 13 11:14:05 EDT 2011","webmin/HTTP","192.168.230.1","192.168.230.140",61178,80,
"GET /cgi-bin/camctrl.cgi HTTP/1.1

Host: 192.168.230.140
Accept-Language: en
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Connection: Close
Date: Thu, 13 Oct 2011 15:14:03 GMT
Pragma: no-cache
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
",
--ENDMARK-- 
...

So as I said, I would like to extract the src_ip address (192.168.230.1) and web pages visited (/Webcam/webcam.html and /cgi-bin/camctrl.cgi)
The file is pretty big and the best would be to put the results into variable like:
$ip_src=192.168.230.1
$content=/Webcam/webcam.html

I can't get my head around it and I have been trying using sed and grep but without success. Any help would be greatly appreciated.
Thanks a lot.
Ben
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Need assistance with appending strings using sed and variables

HI, Can't seem to find anything on the forums to fix this. I have a file, one line within this will not have a specific string at the end. I have the string, but need to append it to the specific line which has it missing. I need to use a variable for this, $string - I am using double... (13 Replies)
Discussion started by: mandriver
13 Replies

2. Shell Programming and Scripting

assign colon delimited strings to variables

Man it has been too long since I have had to do this type of stuff... OK I have a file with lines in it looking like this: bob:johnson:email@email.com (most lines) john:F.:doe:email2@email.com (but some are like this) I need to loop through and assign vars to the values: var Fname =... (29 Replies)
Discussion started by: NewSolarisAdmin
29 Replies

3. Shell Programming and Scripting

replace two character strings by two variables with sed command

Hello, I want to writte a script that replace two character strings by two variables with the command sed butmy solution doesn't work. I'm written this: sed "s/TTFactivevent/$TTFav/g && s/switchSLL/$SLL/g" templatefile. I want to replace TTFactivevent by the variable $TTFav, that is a... (4 Replies)
Discussion started by: POPO10
4 Replies

4. UNIX for Dummies Questions & Answers

[Solved] take name of directory and files as variables

hi, want to create script that takes name of directory and all files and will copy each file to new directory. then fix errors like files do not exist or no permission to create new directory... these what I have so far... #!/bin/sh dir=~/Documents/Scripts/Copy for i in $(pwd) $(ls)... (23 Replies)
Discussion started by: me.
23 Replies

5. Shell Programming and Scripting

[Solved] Bash test 2 variables to see if ones greater by n

Experts, I have a bash shell script that generates 2 variables that have the current minute and a minute from a log file. Can someone please show me the best way to test if the minutes stray by 5. So basically if: This is ok: Last Fitting Min ============= 02 Current Minute =============... (2 Replies)
Discussion started by: jaysunn
2 Replies

6. Shell Programming and Scripting

[Solved] Working with date (add minutes using variables)

Dear all, today I'm scratching my head with a simple (I believe) issue. Working with date is quite simple, so if I Need to add some seconds to current time, I'll use: date --date='+30 seconds' +"%Y-%m-%d %H:%M:%S"But, how to pass the value to add from a variable? I tried the following without... (2 Replies)
Discussion started by: Lord Spectre
2 Replies

7. Shell Programming and Scripting

[solved] Question for using variables outside a while loop

I want to get newvar outside the while any ideas? while read myline; do var=${myline} newvar1=$(let "$var") done echo $newvar1 I found it its ok now Thank you! (0 Replies)
Discussion started by: sanantonio7777
0 Replies

8. Shell Programming and Scripting

[SOLVED] nawk FS using pipe read variables from file

I have a file data_1.out which contains: 1|abc mail|mail subject|mail body 2|def mail|mail subject|def mail body I am trying to read the variables from data_1.out and use them to print to 2 different files based on the id (first_column) The problem is I am not able to read the file... (8 Replies)
Discussion started by: sol_nov
8 Replies

9. Homework & Coursework Questions

[solved]Perl: Printing line numbers to matched strings and hashes.

Florida State University, Tallahassee, FL, USA, Dr. Whalley, COP4342 Unix Tools. This program takes much of my previous assignment but adds the functionality of printing the concatenated line numbers found within the input. Sample input from <> operator: Hello World This is hello a sample... (2 Replies)
Discussion started by: D2K
2 Replies

10. UNIX for Dummies Questions & Answers

Adding variables to repeating strings

Hello, I want to add a letter to the end of a string if it repeats in a column. so if I have a file like this: DOG001 DOG0023 DOG004 DOG001 DOG0023 DOG001 the output should look like this: DOG001-a DOG0023-a DOG004 DOG001-b (15 Replies)
Discussion started by: verse123
15 Replies

LEARN ABOUT DEBIAN

thpot

SHONEYPOT(8)						      System Manager's Manual						      SHONEYPOT(8)

NAME

       thpot - Tiny honeypot to setup simple (and fake) services

SYNOPSIS

       thpot [service name]

DESCRIPTION

       This  manual  page documents briefly the thpot command.	This manual page was written for the Debian distribution because the original pro-
       gram does not have a manual page.  Instead, it has documentation in the GNU Info format; see below.

       thpot is a program that enables you to fake services by configuring it to be executed through either xinetd or inetd.  All  the	connection
       attempts and sessions to simulated services are logged under /var/log/thpot.

OPTIONS

       This program takes as argument the name of the service which is being simulated, it can be anyone of shell, ftp, http, mssql, smtp, pop3 or
       ssh. If the service name is none of these a null response is returned (but the session is logged)

FILES

       /var/log/thpot
	      Location of the connections attempts and sessions to the honeypot services.

       /etc/thpot/thp.conf
	      Configuration for the honeypot

       /usr/share/thpot/
	      Miscellaneous files and functions used by thpot

SEE ALSO

       inetd.conf(5), inetd(8)

AUTHOR

       This manual page was written by Javier Fernandez-Sanguino Pen~a <jfs@computer.org>, for the Debian GNU/Linux system (but  may  be  used	by
       others).

								September 17, 2003						      SHONEYPOT(8)
All times are GMT -4. The time now is 07:48 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy