Visit Our UNIX and Linux User Community


Extracting relevant information from syslogs.


 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Extracting relevant information from syslogs.
# 1  
Old 09-12-2012
Extracting relevant information from syslogs.

I need to analyse some syslogs and I want to print out all the lines containing SSH connections to the inside interface of the firewall and ignore lines where the originating port is 22. So basically I want to print all matches after "to inside:" that contains /22 and ignore lines where /22 occur before "to inside:"

Before:

Code:
Teardown TCP connection 1595221765 for outside:10.35.22.20/22 to inside:10.33.249.82/1373 duration 0:25:10 bytes 119889 TCP FINs
Teardown TCP connection 1596165459 for outside:10.94.27.204/22 to inside:10.35.249.82/1558 duration 0:25:09 bytes 316401 TCP FINs
Teardown TCP connection 1597641639 for outside:123.32.168.219/10365 to inside:10.88.38.232/22 duration 0:00:30 bytes 0 SYN Timeout
Teardown TCP connection 1598227499 for outside:10.40.223.47/22 to inside:10.77.68.82/1804 duration 1:08:48 bytes 42429 TCP FINs
Teardown TCP connection 1597660611 for outside:10.93.226.150/22 to inside:10.43.249.82/1761 duration 1:31:26 bytes 25733 TCP FINs
Teardown TCP connection 1605038930 for outside:103.33.241.216/12995 to inside:10.5.36.232/22 duration 0:00:30 bytes 0 SYN Timeout

After:

Code:
Teardown TCP connection 1597641639 for outside:123.32.168.219/10365 to inside:10.88.38.232/22 duration 0:00:30 bytes 0 SYN Timeout
Teardown TCP connection 1605038930 for outside:103.33.241.216/12995 to inside:10.5.36.232/22 duration 0:00:30 bytes 0 SYN Timeout

# 2  
Old 09-12-2012
Try...
Code:
egrep 'inside:[0-9\.]+/22' file

# 3  
Old 09-12-2012
Quote:
Originally Posted by Ygor
Try...
Code:
egrep 'inside:[0-9\.]+/22' file

This is great thanks and it is getting me close to what I am looking for. However how can i limit it to striclty /22 as per the following example;

cat file.txt |grep -e "/22\>"

---------- Post updated at 01:04 PM ---------- Previous update was at 12:31 PM ----------

I found a solution, I added \s to include the white space after 22 and now it is working perfectly, thanks :-)

Code:
egrep 'inside:[0-9\.]+/22\s' file


Previous Thread | Next Thread
Test Your Knowledge in Computers #843
Difficulty: Medium
HTTP cannot directly support file transfer.
True or False?

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Extracting information from XML to excel

Hi, I am trying to extract information from a XML file and write it to a excel sheet. I am not sure where to start from. Here is the content from my input XML file. <com.cloudbees.hudson.plugins.folder.properties.FolderProxyGroupContainer plugin="nectar-rbac@4.5"> <groups> ... (4 Replies)
Discussion started by: Sajjadmehdi
4 Replies

2. Shell Programming and Scripting

[Solved] Extracting information from DDL's

Dear Experts, I need your help here. I have lot of teradata DDL's as follows, i want to extract field names , field attributes and NOT NULL information from DDL.Could you please help here. Sample DDL: CREATE MULTISET TABLE APS_CALL_IN_PICKUP_CANCELED ,NO FALLBACK , NO BEFORE... (2 Replies)
Discussion started by: srikanth38
2 Replies

3. Shell Programming and Scripting

Extracting information using awk

I want to write a script that extracts a value from a line of text. I know it can be done using awk but I've never used awk before so I don't know how to do it. The text is: Mem: 100M Active, 2150K Cache, 500M Buf, 10G Free I want to extract the free memory value to use as a variable. In... (5 Replies)
Discussion started by: millsy5
5 Replies

4. Shell Programming and Scripting

Problems extracting some information

Hi there! Well, I'm writing a script to obtain certain information about files. Specifically, I want to get the information about those files which last access were in the last 24 hours, so I'm doing something like this: find <directory_name> -atime -1 -printf '%f %a\n' I would also... (4 Replies)
Discussion started by: Skirmish
4 Replies

5. Shell Programming and Scripting

extracting information from multiple files

Hello there, I am trying to extract (string) information ( a list words) from 4 files and then put the results into 1 file. Currently I am doing this using grep -f list.txt file1 . and repeat the process for the other 3 files. The reasons i am doing that (a) I do know how to code (b) each file... (4 Replies)
Discussion started by: houkto
4 Replies

6. Programming

extracting information from lines, put them into arrays

hi I need a little help writing this small perl script. I'm trying to extract the values from each line in a file and find the average for example cat school Highschool 100, 123, 135 Middleschool 41, 67, 54 Elementary 76, 315, 384 ./average.pl highschool: 119.3 middleschool: 54... (2 Replies)
Discussion started by: gengar
2 Replies

7. Shell Programming and Scripting

Matching two file contents and extracting associated information

Hi, I am new to shell programming and need help. I have File1 with some ID numbers and File2 with ID number and some associated information. I want to match the ID numbers from File1 to contents in File2 and output a third file which pulls out the ID numbers and the associated information with... (2 Replies)
Discussion started by: newpro
2 Replies

8. Shell Programming and Scripting

Problems with extracting information

Hi all, <select name="comp" id="comp" style="width:130px;"> <?php $sqlcomp = mysql_query("SELECT * FROM comp"); while ($redcomp = mysql_fetch_array($sqlcomp)) { extract($redcomp); echo "<option value=\"$comp_id\">comp_name</option>"; } ?> ... (0 Replies)
Discussion started by: c0mrade
0 Replies

9. UNIX for Dummies Questions & Answers

Extracting information from text fields.

Dear friends, I'm a novice Unix user and I'm trying to learn the ropes. I have a big task I have to accomplish and I'm convinced Unix can get the job done, I just haven't figured out how. I recently posted on the topic of cutting text between unique text patterns and somebody helped me a great... (24 Replies)
Discussion started by: spindoctor
24 Replies

10. Shell Programming and Scripting

Extracting information from a template

I have a template that I usually use to generate stats on an hourly basis for a number of cell sites altogether. I would like to be able to write a script that would go to the template and extract the information for any single site at any time during the day. For example, let's say that my... (4 Replies)
Discussion started by: Ernst
4 Replies

Featured Tech Videos