Thanks to everyone for their help I now have the file sorted by src address using the "socket" method and the record looks like this:
2006-03-16 06 50 08 Local4.Warning 155.236.56.102 Mar 16 2006
06 44 11 %PIX-4-106023 Deny udp src inside 10.200.20.71 1047 dst outside
155.236.60.129 161 by access-group inside_access_in
2006-03-16 07 01 20 Local4.Warning 155.236.56.102 Mar 16 2006 06 55 23
%PIX-4-106023 Deny udp src inside 10.200.20.71 1047 dst outside 155.236.60.106
161 by access-group inside_access_in
2006-03-16 07 01 20 Local4.Warning 155.236.56.102 Mar 16 2006 06 55 23
%PIX-4-106023 Deny udp src inside 10.200.20.71 1047 dst outside 155.236.60.106
161 by access-group inside_access_in
2006-03-29 07 11 17 Local4.Warning 155.236.56.102 Mar 29 2006 07 04 12
%PIX-4-106023 Deny udp src inside 10.200.20.71 1046 dst outside 155.236.60.181
161 by access-group inside_access_in
2006-03-14 12 09 52 Local4.Warning 155.236.56.102 Mar 14 2006 12 04 05
%PIX-4-106023 Deny tcp src inside 10.200.21.72 2519 dst outside 207.46.253.188
80 by access-group inside_access_in
I now need to get all the dst IP address's sorted together for each src IP - I
will need to do more but once I see how you sort dst IP address per src IP
address I will be able to do this.
In reply to Re^2: Sorting log files with IP addresses (duplicates)
by Secode
in thread Sorting log files with IP addresses (duplicates)
by Secode
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |