Difference between revisions of "firewall log parsing scratch notes"
From cpwiki.net
(Created page with " command run on "fw log" output to txt file... cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | awk -F ";" '{print $3}' | awk "{print $2}' | uniq -c | sort -rn |...") |
Latest revision as of 14:12, 8 October 2014
command run on "fw log" output to txt file...
cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | awk -F ";" '{print $3}' | awk "{print $2}' | uniq -c | sort -rn | head
cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)}' | uniq -c | sort -rn | head
cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)}' | sort | uniq -c | sort -n -r | head
cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | grep "src: 17.24.13.25" | awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)} ' | wc -l
awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)}' | sort | uniq -c | sort -n -r | head
