firewall log parsing scratch notes

From cpwiki.net
Revision as of 14:12, 8 October 2014 by Nighthawk (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Check Point Profressional Services

command run on "fw log" output to txt file...


cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | awk -F ";" '{print $3}' | awk "{print $2}' |  uniq -c | sort -rn | head


cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)}' | uniq -c | sort -rn | head



cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)}' | sort | uniq -c | sort -n -r | head
cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | grep "src: 17.24.13.25" | awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)} ' | wc -l 


awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)}' | sort | uniq -c | sort -n -r | head