Created
August 11, 2020 18:33
-
-
Save jbowdre/568001342ec186d2d9fda665c196486b to your computer and use it in GitHub Desktop.
Ugly kludge for parsing a given log file and returning the most common IP-like strings.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| grep -o -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' ACCESS_LOG.TXT | grep -v "127.0.0.1" | sort | uniq -c | sort -n -r | head -n 5 | |
| # Bonus kludge for parsing multiple gzipped logs for the same. Also prints the logfile datestamp for each file as well: | |
| for i in {1..20}; do date -r ACCESS_LOG.$i.gz; zgrep -o -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' \ACCESS_LOG.log.$i.gz | grep -v "127.0.0.1" | sort | uniq -c | sort -n -r | head -n 5; done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment