wow linux, you never cease to amaze me
cat /var/log/auth.log | grep -vP "(209\.94\.131\.65|216\.204\.172\.218)" | grep Accepted | awk '{ print $1, $2, $11 }'
--- the rest is immaterial --
disclaimer: i am a horrible scripter; i'm just learning; there's probably a better way to do this
what i'm trying to do: cat through /var/log/auth.log for accepted ssh connections, filter out my home and work ip's, place any filtered ip's in a log file with date.
i'm having some trouble when checking for inequality between two ip strings (xx.xx.xx.xx). this script:
#!/bin/bash
homeip=`whatismyip`
workip="216.204.172.218"
log=${HOME}/Documents/ssh_log
logip=`cat /var/log/auth.log |
       \grep Accepted.*patrick |
       \awk '{ print $11 }'`
if [ "$logip" != "$homeip" ]; then
  if [ "$logip" != "$workip" ]; then
    echo -e "$logip \n"
    #cat /var/log/auth.log | grep "$logip" | awk '{ print $1 " " $2 " " $11 }' > $log
  fi
fi
echo Home\:\ $homeip
echo Work\:\ $workip
exit 0
outputs this:
...
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
192.168.0.7
192.168.0.7
192.168.0.7
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
68.37.60.140
68.37.60.140
68.37.60.140
68.37.60.140
68.37.60.140
68.37.60.140
68.37.60.140
68.37.60.140
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
216.204.172.218
192.168.0.7
216.204.172.218
209.94.131.65
209.94.131.65
216.204.172.218
209.94.131.65
216.204.172.218
Home: 209.94.131.65
Work: 216.204.172.218
i have it just echoing the ip's it finds in the log, then showing which ones _should've_ been filtered out, to debug.
what gives?
i'm sure it's trivial, any help would be appreciated.
Last edited by brisbin33 (2009-01-13 17:10:10)
//github/
Try something like this instead:
grep -vP "(home\.ip\.goes\.here|work\.ip\.goes\.here)" /path/to/log/file
Then awk out what you want?
archlinux - please read this and this — twice — then ask questions.
--
http://rsontech.net | http://github.com/rson
Here's a hint: logip="216.204.172.218\n216.204.172.218\n216.204.172.218..."
Dude, that's one big string!
M*cr*s*ft: Who needs quality when you have marketing?
pointone,
yes, you're exactly right, i was thinking one grepped line at a time, not the whole string... that'll require a rewrite
rson,
grep -vP and awk should do what i want w/o any scripting required... think i'd learn by now, RTFM right?
//github/
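pointone's hint above is that the command substitution returns every matching address as one newline-separated string, so the two `!=` tests compare that whole string once. As an added example (not code from the thread), here is the same comparison done per log line; `sample_log` and `unknown_logins` are hypothetical names, and the log lines are constructed around the addresses shown in the thread.

```bash
#!/bin/bash
# Added example, not from the thread. sample_log and unknown_logins are
# hypothetical names; the log lines are constructed for illustration.

# Constructed auth.log excerpt using the addresses that appear in the thread.
sample_log() {
    cat <<'EOF'
Jan 13 09:01:12 myhost sshd[2101]: Accepted password for patrick from 216.204.172.218 port 50122 ssh2
Jan 13 12:40:03 myhost sshd[2188]: Accepted publickey for patrick from 192.168.0.7 port 41822 ssh2
Jan 13 13:05:44 myhost sshd[2190]: Failed password for patrick from 192.168.0.7 port 41830 ssh2
Jan 13 14:15:30 myhost sshd[2240]: Accepted password for patrick from 68.37.60.140 port 33990 ssh2
Jan 13 16:58:09 myhost sshd[2301]: Accepted password for patrick from 209.94.131.65 port 60211 ssh2
EOF
}

# Usage: unknown_logins HOME_IP WORK_IP < auth.log
# Prints "Mon Day IP" for every accepted SSH login from any other address.
# The body runs in a subshell ( ... ) so its variables stay local.
unknown_logins() (
    homeip=$1
    workip=$2
    # awk emits one record per accepted login; the address is the field after
    # "from", so a change in field count does not shift it.
    awk '/sshd\[[0-9]+\]: Accepted / {
             for (i = 1; i < NF; i++)
                 if ($i == "from") { print $1, $2, $(i + 1); break }
         }' |
    # Compare one address at a time, as exact strings rather than as a regex.
    while read -r mon day ip; do
        if [ "$ip" != "$homeip" ] && [ "$ip" != "$workip" ]; then
            printf '%s %s %s\n' "$mon" "$day" "$ip"
        fi
    done
)

# Demo: filter the thread's home and work addresses out of the sample.
sample_log | unknown_logins 209.94.131.65 216.204.172.218
```

Against the real log, feed the function `/var/log/auth.log` on stdin and append its output to the log file the original script defines in `$log`.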