FireBall
asked on
AWK collect information from text file
I have a text file as this :
and the column order is :
Time
Protocol Name
Flags
Protocol ID
TTL
SRC IP
SRC Port
Dest IP
Dest Port
Data Length
First 30 Byte of data
Is there any possible way to collect information with awk as this :
every unique ip wheter in source or destination got how many connections
like that :
ipaddress InboundConnectionCount OutBoundConnectionCount
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 ce125b8f1c37b43f2f192850134c38e9c2a46fb81988657188b06fadff92
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 c40be80cc61779ba9c547470efa15dc501f0d20998386ebde1c74cef82d1
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 187edb519a7827391ee2acd9bc84e68c9b844a675f3a779991a5c4b0e0bb
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 3fa4cdd26615f3a65cd6499087776da26899e258fd1c318daa7f550235b2
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 360 34298c65c873740b04d1e670570241db6e02445bbeb6fb2c39c3d3867fb0
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 6d2937f95c2257e831f9731230c8e08a6c08281871a66fa67b2f8572eaef
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 950ae7e2a8b776e0bcc6a4990ff8396b64a5bb186a77529d9dbc57f6cd8d
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 11ac0ece9d32f2df58b2746b89422e980a6fb96793d2f55a06d63c946460
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 a87c443328f08bae55a405129927c73147eff9358666defd5b53dca9995d
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 be9cb3bde0842f9d793c9ee856a211192196d4ba1c93fecf5285239c3f34
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 7c59d3bb055f037733b1bccf309e715e8b89a30c1b68917b0c6268953d12
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 7fa2a32ec4e205b23ecb00bed441d88fe2ee36d7268f3acd7e5bcdb251fe
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 bd106e6077b6188c4270655f461a97b93c2d54837f3022aaca0b7d9083a5
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 bdf3fe96db36c3b0bdad4f30763ab20173ada5263ff380930eb0fd811500
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 dd505f9a0d5ed1b4f29a4d90771c31bba8ca86e32b523041f4ffcd5fc0fa
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 c265f17eebea4f13a7b4be5563fd8882b33f7391193c98b053e197a1e859
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 0acc383dac9a06e675145bff92b16c45a46571811cd1c9a78887a1381c31
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 f43873058321e34b3565be9588fa23cf9c4725502f224713ed80e479d94d
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 c1084085c406087514ace765ffd42d64be41315dd71b4411e9229d064062
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 74957b588e9202c48e593947dcab0e10b6a1f662223d4f4acc4798bb2fa4
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 e1ed2765d45596df8709cdf05717320e5fca81b4a3d228705c2f7b4337ef
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 c654af275921aeca7e5768e59164112497fe512bb3139d4f320cabc75389
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 5dc288d103b831d532599c7b8de6296f20c9e0018c06cce7629c51768e70
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 232 fd2dd49babe7e16178f41b2681baae9387f6d6015b729aa291c35a3c167a
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 7654993bc91ec89e9c03b75058bfb3976ab5fb0f31e03c9026f27922203e
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 2d195bd485e7d0a8760b15b84628b67dce521a9bd005815c87e10cc47f95
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 f5ccc267d66dafcdca144ad060dc4c35fd6e62f17939ab3d86dc57133d53
1439992295000 TCP 16 6 120 78.186.179.127 7609 185.9.159.244 22 40
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.127 7609 296 f547cdbdafda615dec8728211a6dba030da3e2b84f323f714a14c110198e
1439992295000 TCP 24 6 120 78.186.179.127 7609 185.9.159.244 22 104 140560d1d0c567ef45f16e50f9a2e045c1650b43034c8cb21b27408714f5
1439992295000 TCP 24 6 64 185.9.159.244 22 78.186.179.1
and the column order is :
Time
Protocol Name
Flags
Protocol ID
TTL
SRC IP
SRC Port
Dest IP
Dest Port
Data Length
First 30 Byte of data
Is there any possible way to collect information with awk as this :
every unique ip wheter in source or destination got how many connections
like that :
ipaddress InboundConnectionCount OutBoundConnectionCount
ASKER
[root@244 scripts]# awk '{O[$6]+=1; I[$8]+=1} END {for(n in I) printf "%15s %4d %4d\n", n, I[n], O[n]}' log.txt
1 1
10.255.255.2 20840 0
it returned this
is there any possible way to remove if ip does not exist as given above , remove the line
1 1
10.255.255.2 20840 0
it returned this
is there any possible way to remove if ip does not exist as given above , remove the line
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
awk '{O[$6]+=1; I[$8]+=1} END {for(n in I) printf "%15s %4d %4d\n", n, I[n], O[n]}' inputfile.txt