Skip to main content
Unix & Linux

Return to Question

added 166 characters in body
Source Link
archmicht
archmicht
  • 43
  • 5

I want to extract part from a log file column which is like this:

xx.xxx.xx.xx#59796:

Edit:

This is the actual log line:

Jan 10 17:38:11 server named[747]: client 21x.x0.x8x.xxx#40649: view external: query (cache) 'domain.TLD/A/IN' denied

The part before the "#" in the line above is an IP address, and I want to extract only the IP. The part after the "#" is random numbers and not always the same.

I use the below command to grep a pattern, extract the IP column, and then redirect the output to text file, but then I have to use an editor to leave out the extra characters from the extracted column.

grep -E 'view external.*denied' /var/log/messages |awk '{print $7}' > view_external_denied_ip.txt

If I can extract only the IP without the extra characters in the column, I would use the sort command to sort them ( sort | uniq -c | sort -rn ).

I want to extract part from a log file column which is like this:

xx.xxx.xx.xx#59796:

The part before the "#" in the line above is an IP address, and I want to extract only the IP. The part after the "#" is random numbers and not always the same.

I use the below command to grep a pattern, extract the IP column, and then redirect the output to text file, but then I have to use an editor to leave out the extra characters from the extracted column.

grep -E 'view external.*denied' /var/log/messages |awk '{print $7}' > view_external_denied_ip.txt

If I can extract only the IP without the extra characters in the column, I would use the sort command to sort them ( sort | uniq -c | sort -rn ).

I want to extract part from a log file column which is like this:

xx.xxx.xx.xx#59796:

Edit:

This is the actual log line:

Jan 10 17:38:11 server named[747]: client 21x.x0.x8x.xxx#40649: view external: query (cache) 'domain.TLD/A/IN' denied

The part before the "#" in the line above is an IP address, and I want to extract only the IP. The part after the "#" is random numbers and not always the same.

I use the below command to grep a pattern, extract the IP column, and then redirect the output to text file, but then I have to use an editor to leave out the extra characters from the extracted column.

grep -E 'view external.*denied' /var/log/messages |awk '{print $7}' > view_external_denied_ip.txt

If I can extract only the IP without the extra characters in the column, I would use the sort command to sort them ( sort | uniq -c | sort -rn ).

added 4 characters in body
Source Link
terdon
terdon
  • 252.7k
  • 69
  • 481
  • 719

I want to extract part from a log file column which is like this:

xx.xxx.xx.xx#59796:

xx.xxx.xx.xx#59796:

The part before the "#" in the line above is an IP address, and I want to extract only the IP. The part after the "#" is random numbers and not always the same.

I use the below command to grep a pattern, extract the IP column, and then redirect the output to text file, but then I have to use an editor to leave out the extra characters from the extracted column.

grep 'E-E 'view external.*denied' /var/log/messages |awk '{print $7}' > view_external_denied_ip.txt

If I can extract only the IP without the extra characerscharacters in the column, I would use the sort command to sort them ( sort | uniq -c | sort -rn ).

I want to extract part from a log file column which is like this:

xx.xxx.xx.xx#59796:

The part before the "#" in the line above is an IP address, and I want to extract only the IP. The part after the "#" is random numbers and not always the same.

I use the below command to grep a pattern, extract the IP column, and then redirect the output to text file, but then I have to use an editor to leave out the extra characters from the extracted column.

grep 'E 'view external.*denied' /var/log/messages |awk '{print $7}' > view_external_denied_ip.txt

If I can extract only the IP without the extra characers in the column, I would use the sort command to sort them ( sort | uniq -c | sort -rn ).

I want to extract part from a log file column which is like this:

xx.xxx.xx.xx#59796:

The part before the "#" in the line above is an IP address, and I want to extract only the IP. The part after the "#" is random numbers and not always the same.

I use the below command to grep a pattern, extract the IP column, and then redirect the output to text file, but then I have to use an editor to leave out the extra characters from the extracted column.

grep -E 'view external.*denied' /var/log/messages |awk '{print $7}' > view_external_denied_ip.txt

If I can extract only the IP without the extra characters in the column, I would use the sort command to sort them ( sort | uniq -c | sort -rn ).

Source Link
archmicht
archmicht
  • 43
  • 5

Extracting part from a file column

I want to extract part from a log file column which is like this:

xx.xxx.xx.xx#59796:

The part before the "#" in the line above is an IP address, and I want to extract only the IP. The part after the "#" is random numbers and not always the same.

I use the below command to grep a pattern, extract the IP column, and then redirect the output to text file, but then I have to use an editor to leave out the extra characters from the extracted column.

grep 'E 'view external.*denied' /var/log/messages |awk '{print $7}' > view_external_denied_ip.txt

If I can extract only the IP without the extra characers in the column, I would use the sort command to sort them ( sort | uniq -c | sort -rn ).