Showing posts with label Find IP address or unique IP address from a log file. Show all posts
Showing posts with label Find IP address or unique IP address from a log file. Show all posts

Monday, 21 October 2019

Find IP address or unique IP address from a log file

Scenario: In this scenario we will

-------Sample Log----

07-APR-2019 20:14:05 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=__jdbc__)(USER=WIN-MQ01PK54063$))(SERVICE_NAME=stlbas)(CID=(PROGRAM=)(HOST=__jdbc__)(USER=WIN-MQ01PK54063$))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.88.1.88)(PORT=50100)) * establish * stlbas * 0
07-APR-2019 20:14:06 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=__jdbc__)(USER=root))(SERVICE_NAME=emob)(CID=(PROGRAM=)(HOST=__jdbc__)(USER=root))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.11.1.95)(PORT=57193)) * establish * emob * 0
07-APR-2019 20:14:07 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=__jdbc__)(USER=root))(SERVICE_NAME=emob)(CID=(PROGRAM=)(HOST=__jdbc__)(USER=root))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.11.1.95)(PORT=57194)) * establish * emob * 0

07-APR-2019 20:14:27 * (CONNECT_DATA=(SERVICE_NAME=STLBAS)(CID=(PROGRAM=frmweb)(HOST=ISTELAR-08)(USER=root))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.11.1.228)(PORT=37861)) * establish * STLBAS * 0

07-APR-2019 20:14:29 * (CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=emob)(CID=(PROGRAM=java)(HOST=HR-APP)(USER=root))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.88.1.174)(PORT=27081)) * establish * emob * 0


cat listener_07042019.log | awk '{ print $6 }' >> IP2.log
cat IP2.log | awk -F= '{print $4}' >> IP3.log
sed 's/......$//' IP3.log >> IP4.log
sort -u IP4.log 



cat listener_07042019.log | awk '{ print $6 }' >> IP2.log
-bash-4.1$ vim IP2.log
(ADDRESS=(PROTOCOL=tcp)(HOST=10.88.1.174)(PORT=63679))
(ADDRESS=(PROTOCOL=tcp)(HOST=10.88.1.88)(PORT=51571))
(ADDRESS=(PROTOCOL=tcp)(HOST=10.11.1.95)(PORT=56043))
(ADDRESS=(PROTOCOL=tcp)(HOST=10.11.1.95)(PORT=56044))
(ADDRESS=(PROTOCOL=tcp)(HOST=10.11.1.95)(PORT=56045))


cat IP2.log | awk -F= '{print $4}' >> IP3.log

-bash-4.1$ vim IP3.log
10.88.1.174)(PORT
10.88.1.88)(PORT
10.11.1.95)(PORT
10.11.1.95)(PORT
10.11.1.95)(PORT

sed 's/......$//' IP3.log >> IP4.log

-bash-4.1$ vim IP4.log
10.88.1.174
10.88.1.88
10.11.1.95
10.11.1.95
10.11.1.95

-bash-4.1$ sort -u IP4.log

10.11.1.121
10.11.1.126
10.11.1.133
10.11.1.144
10.11.1.162
10.11.1.163
10.11.1.167
10.11.1.198
10.11.1.221
10.11.1.224