Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

regex question

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers regex question
# 1  
Old 02-11-2004
help needed with regex scripting
hi,
i got a problem with understanding regular expressions. what i wanna do is
scanning the wtmp logfile for ips and if a specific ip is echoed id like to be a part of a text to be assigned to it.

the scanning is done with
Code:
#! /bin/bash

cat wtmp | strings | egrep -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]" | sort -u

and this works quite fine.

now if an ip (for example 100.116.77.8) is given out id like a piece of a text to be echoed to the bash.

now my questions:
how can i do that? i got a kind-of-a-dictionary-file which looks like that: (i dont really understand it completely...)
Code:
#! /bin/bash

if [ $# -lt 2 ] ; then
   echo "usage: $0 <arglist regex>"
   exit 1
fi

VAR=`cat input.txt` 

#echo "$VAR"
TXT=""

for i in $* ; do 
   #echo $i
   #echo "$VAR" | grep "^$i " | cut -d " " -f2- | sed -e "s/^\"//" | sed -e "s/\"$//" 
   tmp=`echo "$VAR" | grep "^$i " | cut -d " " -f2- | sed -e "s/^\"//" | sed -e "s/\"$//"`
   TXT="$TXT $tmp"
   
done

echo "$TXT" | tr -s " "

and i got the textfile input.txt where the text to be echoed when a ip is given out from the wtmp is stored.
it looks like that:

100.116.77.8 = blahblah
100.126.77.8 = bangbang
....


can anybody help me set up a complete script that does all that? thank you in advance

added code tags
Last edited by oombera; 02-11-2004 at 11:57 AM..
# 2  
Old 02-11-2004
Here's a nice little tutorial I found while looking around: The UNIX Bourne Shell

Also, a good Getting started with awk tutorial ... in case you're interested in learning more about regular expressions.

But anyway...

I'm having a hard time understanding exactly what you're trying to do.

You're grabbing IP addresses out of the WTMP file. I use ksh, but I think this will work for you:
Code:
#! /bin/bash

cat wtmp | strings | egrep "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]" | sort -u | while read LINE
do
  grep $LINE input.txt
done

If you only want to print the text part from input.txt, then use:
Code:
#! /bin/bash

cat wtmp | strings | egrep "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]" | sort -u | while read LINE
do
  grep $LINE input.txt | awk '{print $3}'
done

Last edited by oombera; 02-11-2004 at 02:55 PM..
# 3  
Old 02-11-2004
hi oombera,
thank you very much for your effort.
the scripts are working, but they dont do anything...as i said, im new to programming...

maybe it helps when i try to tell what i want to do:

i get the IPs from the wtmp with my script (which should be looped so that every 5 seconds the wtmp log is searched through), then i have for example 20 different IPs.
lets say one of them is 195.100.0.0.
every time my script gives me that IP (because the user with that IP logged on or off and gets logged in the wtmp) i want a part of a text to be sent to the bash.
its kind of a feedback system...so my bash gets bits of text mapped onto the ips....

i hope it got a lil bit more clear this time...excuse me, i really have got problems to put my ideas into words...lol
# 4  
Old 02-11-2004
First, see if you even get any output with the code you first listed:
Code:
#! /bin/bash

cat wtmp | strings | egrep "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]" | sort -u

(note: i took the -o option out of egrep ... i don't have that option so it gives me an error)

If that works, try this and see if you get anything on screen:
Code:
#! /bin/bash

cat wtmp | strings | egrep "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]" | sort -u | while read LINE; do echo $LINE; done

If that works, then I want you to actually list a few real lines from input.txt so I can see what that file looks like.
# 5  
Old 02-11-2004
hi,
your scripts are working and i get the ips from the wtmp listed on my screen, i just had to add the dir /var/log/wtmp .


my input.txt contains lines like

100.195.123.123 = whats happening here
120.241.212.111 = i want a bratwurst baby


something like that...

now if 100.195.123.123 is in the output of wtmp.sh "whats happening here" should be written on my bash and in the syslog.

i dont really know how to do that...
# 6  
Old 02-11-2004
Code:
#! /bin/bash

cat /var/log/wtmp | egrep "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]" | sort -u | while read LINE
do
  grep $LINE input.txt | awk '{if ($3 != "") for (i=3; i<=NF; i+=1) printf $i " "} END {if ($3 != "") print ""}' | tee -a some/logfile
done

# 7  
Old 02-12-2004
thank you very much!
its working!
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Regex question

I want to match all occurrence of 01,03,05,07,10,11 at 9th and 10th position of a string . I tried the following but its also matching characters like 33 or 11 on 9th and 10th position . sed "/^\{8\}00/d" A.TXT 000000001000 433483433339 <<< wrong 121121211100 <<< wrong 167710000110... (10 Replies)
Discussion started by: boncuk
10 Replies

2. Shell Programming and Scripting

Regex Question

Hi I am trying to match lines having following string BIND dn="uid= putting something like this is not working : /\sBIND dn="uid=/ Any suggestion. Thanks. John (9 Replies)
Discussion started by: john_prince
9 Replies

3. Shell Programming and Scripting

regex question

Hi guys, I am trying to "grep" or "egrep" the following entry out of the file using regex: MACCDB1 or MACCDB2 The problem is that the file might contain other entries which start with "MACCDB" string. I was trying to use regex to "grep" the exact pattern but it fails to output the correct... (2 Replies)
Discussion started by: aoussenko
2 Replies

4. Shell Programming and Scripting

regex question

Hi guys, I have a file in the following format: cmpr5551 cmpr6002 cmpr93 anne 5454 bbro 434 cmprsvc cmprsvc7 ffgi55 vefe99 cmprsvc8 cmprsvc9 I need to "grep" only the entries which start with "cmpr" followed by the number. All other entries should be excluded. I was trying to use... (3 Replies)
Discussion started by: aoussenko
3 Replies

5. Shell Programming and Scripting

RegEX question

Hi, I am trying to write a regex for myscript and need some input from experts. here is what I must grep for TICKET{Sapce}{Space}{hyphen} so here is the example data TICKET 34554, CT-12345, TICKET 12345: some text here TICKET 2342, CT-12345, MA-12344: some text here TICKET... (5 Replies)
Discussion started by: rider29
5 Replies

6. UNIX for Dummies Questions & Answers

regex question

I have dates in mm/dd/yy format that I wish to convert to yy-mm-dd format. ()/()/() finds them, but when I try to replace with $3-$1-$2 both kate and kwrite treat it as a text literal. (2 Replies)
Discussion started by: porphyry5
2 Replies

7. Shell Programming and Scripting

Question on regex with * and .

I have a basic question regarding * and . while using regex: # echo 3 | grep ^*$ 3 I think I understood why it outputs "3" here (because '*' matches zero or more of the previous character) but I don't understand the output of the following command: # echo 3 | grep ^.$ # I thought I... (7 Replies)
Discussion started by: mirage
7 Replies

8. Shell Programming and Scripting

regex question

Hi, im sure this is really simple but i cant quite figure it out. how do i test against a word at the beginning of the line but up to the point of a delimiter i.e. ":" for example if i wanted to test against the user in the /etc/passwd file peter:x:101:100:peters account:/var/peter:/bin/sh ... (3 Replies)
Discussion started by: hcclnoodles
3 Replies

9. Shell Programming and Scripting

regex question

Hi I have a question on regex There is a line in a script like my_file="$(echo SunMonTueWed | sed "s//_&g") " My question what does the expression _&g do. Obviously in this example the output is _Sun_Mon_Tue_Wed Another question can i use some trick to get the result like... (3 Replies)
Discussion started by: xiamin
3 Replies

10. Shell Programming and Scripting

regex question

I have a simple file test.out that contains data in the form of key1=A|shift1 key2=B|shift2 key3=C|shift3 and so on. I need to get it to print A B C I can do it using lookbehind assertion such as this ( ?<==)() yet I was wondering if there is another way of mutching single... (8 Replies)
Discussion started by: arushunter
8 Replies
Login or Register to Ask a Question