Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Xtracting IP_nrs from Logfiles with awk

Status
Not open for further replies.
walta

walta

Programmer
Dec 28, 2001
9
DE
Hi folks, having some trouble with awk. Maybe one could help me with this script.
As you see in the comments, this file should extract IP Numbers from an apache logfile, to "nslookup" their names.
But it seems that I have a mistake saving the actual content
on a "stack" to have it compared with the "new" value.
Could someone lead me to the right direction ?
TIA Oliver
#! /usr/bin/awk -f
#
# used to extract the ip-numbers of an apache-logfile
# a logfile looks like this line
# 212.185.238.10 - - [18/Dec/2001:15:41:39 +0100] "GET / HTTP/1.1" 200 271 "-" "Mozil
# several lines with the same IP numer appearing, until the number changes
# the file is already grouped with sort
# This should extract only different IP numbers

begin { pstack=" " } # just clean the var pstack (shall hold the previous value)
{
printf ("FIELD1= %s\n", $1) # show us, what's in the first field
infield=$1 # make var infield the content of $1 (the IP number)
if($pstack == $infield) # if $pstack is the same as infield
# (in the first run it is " " so it should not come in)
# in the second and further run, there should be the value
# from the previous line, which could be the same
{

print "similar to pstack\n"
}
else # if there is a difference, show the new number
# (write in a file)
{
print "different!"
$pstack= $1 # set $pstack the new value
}
}
 
Sort by date Sort by votes
This is from one I wrote a while ago to parse the apache
error log to send mail to codered offenders.
#!/bin/sh

addresses=$(awk ' {
gsub(/.*\[client/,"",$0)
gsub(/\].*/,"",$0)

if ($0 ~ /[0-9]+\.[0-9]+\.[0-9]+/) {
print
}
}' apache_log | sort -u)

You could use the same pattern match and gsub (/[a-zA-Z]/,"",$0), etc..

HTH
M
 
Upvote 0 Downvote
marsd,
thanks for your response, but as result there should be
a file or output, which only shows the different IP-numbers.
f.e.
logfile
192.163.224.6 ...
192.163.224.6 ...
192.163.224.6 ...
192.163.224.6 ...
202.305.121.253 ...
202.305.121.253 ...
202.305.121.253 ...
the output should be
192.163.224.6
202.305.121.253
 
Upvote 0 Downvote
PROBLEM SOLVED
Marsd, thanks for giving the direction, I solved the problem like this:
$ awk '{ print $1 }' < logfile | sort -u > single_ipnums.txt

Even if I think, that in your snippet the fourth IP part is missing.
Shouldn´t it be  if ($0 ~ /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]/)..
BTW I think now it´s time to review regexp
 
Upvote 0 Downvote
Right.
Typical typo.

Glad you got it. Awk is great for these little things.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MotorCycleDude
  • Locked
  • Question
awk Question
Replies
12
Views
817
mikrom
mikrom
V_M
  • Locked
  • Question
Awk Command not able to read French/Spanish characters from a file
Replies
1
Views
393
mikrom
mikrom
visitnag
  • Locked
  • Question
Hi I have a file with following
Replies
2
Views
405
visitnag
visitnag
FrancisMMM
  • Locked
  • Question
awk parsing is getting slower and stalled :(
Replies
1
Views
417
FrancisMMM
FrancisMMM
johnegracejr
  • Locked
  • Question
AWK suffix overwriting original text.
Replies
1
Views
493
feherke
feherke

Part and Inventory Search

Sponsor

Back
Top