in reply to Re: Sorting log files with IP addresses (duplicates)
in thread Sorting log files with IP addresses (duplicates)

Thanks to everyone for their help. I now have the file sorted by src address using the "socket" method, and the record looks like this:


2006-03-16 06 50 08 Local4.Warning 155.236.56.102 Mar 16 2006 06 44 11 %PIX-4-106023 Deny udp src inside 10.200.20.71 1047 dst outside 155.236.60.129 161 by access-group inside_access_in
2006-03-16 07 01 20 Local4.Warning 155.236.56.102 Mar 16 2006 06 55 23 %PIX-4-106023 Deny udp src inside 10.200.20.71 1047 dst outside 155.236.60.106 161 by access-group inside_access_in
2006-03-16 07 01 20 Local4.Warning 155.236.56.102 Mar 16 2006 06 55 23 %PIX-4-106023 Deny udp src inside 10.200.20.71 1047 dst outside 155.236.60.106 161 by access-group inside_access_in
2006-03-29 07 11 17 Local4.Warning 155.236.56.102 Mar 29 2006 07 04 12 %PIX-4-106023 Deny udp src inside 10.200.20.71 1046 dst outside 155.236.60.181 161 by access-group inside_access_in
2006-03-14 12 09 52 Local4.Warning 155.236.56.102 Mar 14 2006 12 04 05 %PIX-4-106023 Deny tcp src inside 10.200.21.72 2519 dst outside 207.46.253.188 80 by access-group inside_access_in


I now need to get all the dst IP addresses sorted together for each src IP - I will need to do more, but once I see how you sort dst IP addresses per src IP address I will be able to do this.
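One way to group destination addresses under each source address, as an added example that is not part of the original post. It assumes every record has the `src <interface> <ip> <port> dst <interface> <ip> <port>` layout of the lines shown above; the variable and subroutine names are illustrative, and the sample records are copied from the post.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Socket qw(inet_aton);

# Sample records copied from the post above (one duplicate kept on purpose).
my @records = split /\n/, <<'END_LOG';
2006-03-16 06 50 08 Local4.Warning 155.236.56.102 Mar 16 2006 06 44 11 %PIX-4-106023 Deny udp src inside 10.200.20.71 1047 dst outside 155.236.60.129 161 by access-group inside_access_in
2006-03-16 07 01 20 Local4.Warning 155.236.56.102 Mar 16 2006 06 55 23 %PIX-4-106023 Deny udp src inside 10.200.20.71 1047 dst outside 155.236.60.106 161 by access-group inside_access_in
2006-03-16 07 01 20 Local4.Warning 155.236.56.102 Mar 16 2006 06 55 23 %PIX-4-106023 Deny udp src inside 10.200.20.71 1047 dst outside 155.236.60.106 161 by access-group inside_access_in
2006-03-29 07 11 17 Local4.Warning 155.236.56.102 Mar 29 2006 07 04 12 %PIX-4-106023 Deny udp src inside 10.200.20.71 1046 dst outside 155.236.60.181 161 by access-group inside_access_in
2006-03-14 12 09 52 Local4.Warning 155.236.56.102 Mar 14 2006 12 04 05 %PIX-4-106023 Deny tcp src inside 10.200.21.72 2519 dst outside 207.46.253.188 80 by access-group inside_access_in
END_LOG

# %dst_for maps each source IP to a hash of destination IP => number of hits.
# A hash of hashes collapses duplicate records while still counting them.
my %dst_for;
for my $line (@records) {
    # Capture the address that follows "src <interface>" and "dst <interface>".
    # Lines that do not have this layout are skipped rather than guessed at.
    next unless $line =~ /\bsrc \S+ (\d+(?:\.\d+){3}) \d+ dst \S+ (\d+(?:\.\d+){3}) \d+/;
    $dst_for{$1}{$2}++;
}

# inet_aton packs a dotted quad into four bytes in network order, so a plain
# string comparison of the packed values orders the addresses numerically
# (10.9.0.1 before 10.200.0.1, which a text sort gets wrong).
sub by_ip { inet_aton($a) cmp inet_aton($b) }

for my $src (sort by_ip keys %dst_for) {
    print "$src\n";
    for my $dst (sort by_ip keys %{ $dst_for{$src} }) {
        printf "    %-15s %d\n", $dst, $dst_for{$src}{$dst};
    }
}
```

To run it against a real log, replace the constructed `@records` list with lines read from the file.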
