How can grep the 8th of Field <<<<<<<< 
Author Message
 How can grep the 8th of Field <<<<<<<<

Hi, I have a log report that I want to seperate for inside & outside
domain. Here is log report
so That I get a report of all the connection from domain "ctstateu"
and ouside "ctstateu", ob. when I "grep ctstateu" it grep everything

-------------------------------------------------------------
Jun  8 00:42:35 sun.scsu.ctstateu.edu in.telnetd[24793]: refused connect from scsud.ctstateu.edu

Jun  8 01:09:13 sun.scsu.ctstateu.edu in.fingerd[24894]: connect from sluaxa.slu.edu
Jun  8 01:09:22 sun.scsu.ctstateu.edu in.fingerd[24897]: connect from sluaxa.slu.edu

thanx for the Help
Bikesh



Tue, 25 Nov 1997 03:00:00 GMT  
 How can grep the 8th of Field <<<<<<<<

Quote:
>Hi, I have a log report that I want to seperate for inside & outside
>domain. Here is log report
>so That I get a report of all the connection from domain "ctstateu"
>and ouside "ctstateu", ob. when I "grep ctstateu" it grep everything

nawk '{print $8}' <filename> | grep ctstateu

Hope this helps . . .
--



Tue, 25 Nov 1997 03:00:00 GMT  
 How can grep the 8th of Field <<<<<<<<

Quote:


>   >Hi, I have a log report that I want to seperate for inside & outside
>   >domain. Here is log report
>   >so That I get a report of all the connection from domain "ctstateu"
>   >and ouside "ctstateu", ob. when I "grep ctstateu" it grep everything

>   nawk '{print $8}' <filename> | grep ctstateu

>   Hope this helps . . .
>   --


or, more conveniently, grepping on ctstateu on the whole line

        awk '/ctstateu/ {print $8}' filename

or matching just in the 2nd field

        awk '$2=="ctstateu" {print $8}' filename

--
________________________________________________________________________

Dept. Physics - Chamberlin Hall, Univ. of Wisconsin, Madison, WI, 53706
------------------------------------------------------------------------



Tue, 25 Nov 1997 03:00:00 GMT  
 How can grep the 8th of Field <<<<<<<<

: or, more conveniently, grepping on ctstateu on the whole line

:       awk '/ctstateu/ {print $8}' filename

: or matching just in the 2nd field

:       awk '$2=="ctstateu" {print $8}' filename

i am not sure what the delimiters are; if they differ from the default
values of IFS, then you need to include the -F option to awk.

regards,
--robert

--
 o               Robert Owen Thomas -- Cymru Consulting, Inc.               o
 o  Unix:  Admin, Networking, Security, Internet, RDBMS, App Development    o

 o       vox: 708.686.3600   fax: 708.686.3600 (it works, trust me)         o
 o        "When I die, I want to go sleeping like my grandfather...         o
 o              Not screaming like the passengers in his car!"              o



Tue, 25 Nov 1997 03:00:00 GMT  
 How can grep the 8th of Field <<<<<<<<
Bikesh,

If you use awk to add a marker to each line of your log file, you can then use
a number of grep commands to fish out the markers.  For example,  if you put
the following in a file called something like in_out.awk :

{  if ($NF ~ /ctstateeu.edu/)
  print  "in- " $0
  else
  print  "out- " $0

Quote:
}

and then you call it with a command like ...
   awk -f in_out.awk /usr/spool/mqueue/syslog > syslog.marked
Then you can grep for  in-  or out-  and send that to whatever file you need.

Basically that awk file checks each line and for each one
it checks the last field ($NF).  You should check the last field instead of
the 8th field.  Notice that when you refuse a connect or accept a connect, the
number of fields varies, so checking for the 8th field will not be consistant
enough.

Anyway, it just checks the last field, and looks to see if the pattern
ctstateeu.edu is somewhere inside.  If so, the append the entire line to "in- "
and if not, then append the entire line to "out-".

I hope this helps, even though it is sort of a kludge.

- Brad Veneracion



Tue, 25 Nov 1997 03:00:00 GMT  
 How can grep the 8th of Field <<<<<<<<

Quote:

>nawk '{print $8}' <filename> | grep ctstateu
>Hope this helps . . .

Do your tired CPU a favor and save a process:

        nawk '$8=="ctstateu"{print}' file

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Tue, 25 Nov 1997 03:00:00 GMT  
 How can grep the 8th of Field <<<<<<<<


Quote:
>Hi, I have a log report that I want to seperate for inside & outside
>domain. Here is log report
>so That I get a report of all the connection from domain "ctstateu"
>and ouside "ctstateu", ob. when I "grep ctstateu" it grep everything

>-------------------------------------------------------------
>Jun  8 00:42:35 sun.scsu.ctstateu.edu in.telnetd[24793]: refused connect from scsud.ctstateu.edu

>Jun  8 01:09:13 sun.scsu.ctstateu.edu in.fingerd[24894]: connect from sluaxa.slu.edu
>Jun  8 01:09:22 sun.scsu.ctstateu.edu in.fingerd[24897]: connect from sluaxa.slu.edu

>thanx for the Help
>Bikesh

Try this:


Note, though, that your first log entry, which _is_ from inside your domain,
doesn't have the desired search string, "ctstateu", in the 8th position, but
rather in the 9th.  So it doesn't end up getting printed out.

If you want to catch the first two log enties, you may want to do something
altogether different, like this:

    $ perl -ne '(/: (refused connect|connect) from \s+.ctstateu.edu/) && print' logfile

Good luck!
--
--
Mark D. Conty                                   Phone: 612/726-6048
Northwest Airlines                                 Mail drop: J3790
IS/Applications                                                 <><



Tue, 25 Nov 1997 03:00:00 GMT  
 How can grep the 8th of Field <<<<<<<<

Inside:

        grep 'from .*\.ctstateu\.edu$'

outside:

        grep -v 'from .*\.ctstateu\.edu$'



Fri, 28 Nov 1997 03:00:00 GMT  
 How can grep the 8th of Field <<<<<<<<

: >nawk '{print $8}' <filename> | grep ctstateu

: >Hope this helps . . .

: Do your tired CPU a favor and save a process:

:       nawk '$8=="ctstateu"{print}' file

: --
: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

: | stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This, as far I as understand the original requirement, is the best (and
possibly only correct) solution offered so far. The original poster wanted to
see lines where field 8 contained a specific string - not just select all the
8th fields where they're "ctstateu" ...

Simpler still is :-

        nawk '$8=="ctstateu"' file

as the default action is to print the input line.

--
Mark Bluemel    Unix/Oracle Trainer and Consultant
                My opinions are my own, but I'll share them
                All solutions to problems are offered "as is"
                and without warranty - you have been warned :-)



Fri, 28 Nov 1997 03:00:00 GMT  
 
 [ 9 post ] 

 Relevant Pages 

1. ^<<<<<<<<<<<~~ with \n

2. ^<<<<<<<<<<< ~~ format question

3. How can I make @<<<<<<<<< variable ?

4. Question on Cutting and Paste things in a File <<<<<<<<

5. Using $: and ^<<<<~~~ in formatting

6. 4.036 Bug using $: and ^<<<~~ fields

7. <<<<<< HELP >>>>>>>>

8. format @<<<

9. >>>> A Singaporean Girl looking for more penpals!!<<<<<

10. >>>Please add your Perl Script to the Perlcoders Archive of free scripts <<<<

11. Regexp: match '<:a<:c:>b:>', not '<:a<:c:>'

12. FAQ 4.36: Why don't my E<lt>E<lt>HERE documents work?

 

 
Powered by phpBB® Forum Software