Ah perfect! But what of the port number variable? Would it work if I used the command you provided and piped it with a grep statement stating the port number? i.e.
Moderator's Comments:
Please use CODE tags as required by forum rules when displaying sample input, sample output, and code segments.
Obviously, you can search for the string 80 in awk (if you'd like to pass your script some options or some more operands) or you can grep the output produced by the code I suggested, but I don't understand how searching for 80 in your sample input has anything to do with a port number. The string 80 in the sample data you provided will match on LEN=80 and on several different ID values such as ID=7802 and ID=1800 through ID=1806. Although it doesn't happen to match any parts of your sample data like the numbers between square brackets; parts of the SRC and DEST IP addresses; parts of the MAC addresses; and parts of the TOS, PREC, SPT, and DPT fields, it certainly looks like any of those fields could provide a match and none of them seem to have anything to do with a port number.
Your original code also had searches for chains (which do not have any obvious entries in your sample data) and it prompts for an IN modifier, but has INPUT-DROPPEDIN=value and FORWARD-ACCEPTEDIN=value (but not just IN=value).
Note also that most lines in your sample data contain two LEN=value fields. If you wanted to match a LEN field, would it matter which one matched?
Before we talk about adding a chain of grep commands to a pipeline or adding code to the awk script to search for more patterns, please clearly describe what each of your patterns is supposed to match. (Are you hoping to match a basic regular expression, an extended regular expression, or a fixed string? Are you hoping to match a pattern if it matches any substring in a line, or to only match an entire "word" in a line?)
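The point above about a bare "80" matching LEN=80 and ID=7802 rather than a port is easy to see on sample data. The following is an added example, not code from either poster in this thread: the three log lines are constructed in the style the thread describes (chain name glued to IN=, two LEN= fields per line) and are not the original sample data, and the function names naive_count, dpt_count and in_iface_count are my own. It contrasts a substring grep with an awk loop that only counts a line when a whole whitespace-delimited token equals DPT=<port>, and shows the same token-anchored idea for the IN= field with its prefixed chain name.

```shell
#!/bin/sh
# Added example (not the thread's code): why a bare "80" is not a port match
# on iptables-style log lines, and how to anchor on the DPT= token instead.

# Constructed sample lines in the style of the thread's log data (not the
# original poster's data). Line 1 has LEN=80 and ID=1800, line 2 has ID=7802,
# so both contain "80"; only line 3 is actually a packet to destination port 80.
SAMPLE='Nov 23 04:24:55 host kernel: INPUT-DROPPEDIN=eth0 OUT= SRC=10.0.0.5 DST=10.0.0.1 LEN=80 TOS=0x00 PREC=0x00 TTL=64 ID=1800 DF PROTO=TCP SPT=51234 DPT=22 LEN=60
Nov 23 04:24:56 host kernel: FORWARD-ACCEPTEDIN=eth1 OUT=eth0 SRC=10.0.0.6 DST=10.0.0.2 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=7802 DF PROTO=TCP SPT=40001 DPT=443 LEN=52
Nov 23 04:24:57 host kernel: INPUT-DROPPEDIN=eth0 OUT= SRC=10.0.0.7 DST=10.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1806 DF PROTO=TCP SPT=33333 DPT=80 LEN=60'

# Naive substring search: counts every line containing "80" anywhere
# (LEN=, ID=, SPT=, addresses ... all qualify).
naive_count() {
    printf '%s\n' "$SAMPLE" | grep -c '80'
}

# Field-anchored search: a line counts only if some whitespace-delimited
# token is exactly DPT=<port>; "next" stops double counting per line.
# Usage: dpt_count 80
dpt_count() {
    printf '%s\n' "$SAMPLE" | awk -v port="$1" '
        {
            for (i = 1; i <= NF; i++)
                if ($i == "DPT=" port) { n++; next }
        }
        END { print n + 0 }'
}

# Same idea for the IN= field, where this log format glues the chain name
# onto the key (INPUT-DROPPEDIN=eth0): match the token that ends in
# IN=<iface> regardless of which chain prefix precedes it.
# Usage: in_iface_count eth0
in_iface_count() {
    printf '%s\n' "$SAMPLE" | awk -v iface="$1" '
        {
            for (i = 1; i <= NF; i++)
                if ($i ~ ("^[A-Z-]*IN=" iface "$")) { n++; next }
        }
        END { print n + 0 }'
}

echo "lines containing 80 anywhere: $(naive_count)"      # 3
echo "lines with DPT=80:            $(dpt_count 80)"     # 1
echo "lines with IN=eth0:           $(in_iface_count eth0)"  # 2
```

The same token comparison works for SPT=, PROTO= or any other key=value field; if you want to match on one of the two LEN= fields you have to decide which position you mean, since a token test alone will accept either.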