Find the answer to your Linux question:
Results 1 to 2 of 2
I'm a Linux newbie, so please forgive me if this is an easy question. I need to filter (grep, awk, etc.) out all the IP addresses from /var/log/secure that attempt ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Mar 2008
    Posts
    13

    Filter IP Adresses to file


    I'm a Linux newbie, so please forgive me if this is an easy question.

    I need to filter (grep, awk, etc.) out all the IP addresses from /var/log/secure that attempt to access a my server to a file and sort them.

    I can get the lines containing the addresses with grep and know to use sort | uniq -u to get them in order and delete duplicate entries, but I don't know how to accurately get out each IP address.

    It would be possible to awk out each entry based on it's position in the string, but there must be a more accurate and more efficient way to do this.

    Thanks so much for your assistance!

  2. #2
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    This question is common enough that some diligence on the forums / google likely would have yielded dozens of related answers.

    Blunt tool approach:
    Code:
    # grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' /var/log/secure
    You may need to refine that further, as it could generate false positives (e.g. 999.500.0.30 is not a real IP address).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •