Link to home
Start Free TrialLog in
Avatar of FireBall
FireBall

asked on

AWK collect information from text file

I have a text file as this :

1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             ce125b8f1c37b43f2f192850134c38e9c2a46fb81988657188b06fadff92
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             c40be80cc61779ba9c547470efa15dc501f0d20998386ebde1c74cef82d1
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             187edb519a7827391ee2acd9bc84e68c9b844a675f3a779991a5c4b0e0bb
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             3fa4cdd26615f3a65cd6499087776da26899e258fd1c318daa7f550235b2
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    360             34298c65c873740b04d1e670570241db6e02445bbeb6fb2c39c3d3867fb0
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             6d2937f95c2257e831f9731230c8e08a6c08281871a66fa67b2f8572eaef
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             950ae7e2a8b776e0bcc6a4990ff8396b64a5bb186a77529d9dbc57f6cd8d
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             11ac0ece9d32f2df58b2746b89422e980a6fb96793d2f55a06d63c946460
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             a87c443328f08bae55a405129927c73147eff9358666defd5b53dca9995d
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             be9cb3bde0842f9d793c9ee856a211192196d4ba1c93fecf5285239c3f34
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             7c59d3bb055f037733b1bccf309e715e8b89a30c1b68917b0c6268953d12
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             7fa2a32ec4e205b23ecb00bed441d88fe2ee36d7268f3acd7e5bcdb251fe
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             bd106e6077b6188c4270655f461a97b93c2d54837f3022aaca0b7d9083a5
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             bdf3fe96db36c3b0bdad4f30763ab20173ada5263ff380930eb0fd811500
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             dd505f9a0d5ed1b4f29a4d90771c31bba8ca86e32b523041f4ffcd5fc0fa
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             c265f17eebea4f13a7b4be5563fd8882b33f7391193c98b053e197a1e859
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             0acc383dac9a06e675145bff92b16c45a46571811cd1c9a78887a1381c31
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             f43873058321e34b3565be9588fa23cf9c4725502f224713ed80e479d94d
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             c1084085c406087514ace765ffd42d64be41315dd71b4411e9229d064062
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             74957b588e9202c48e593947dcab0e10b6a1f662223d4f4acc4798bb2fa4
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             e1ed2765d45596df8709cdf05717320e5fca81b4a3d228705c2f7b4337ef
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             c654af275921aeca7e5768e59164112497fe512bb3139d4f320cabc75389
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             5dc288d103b831d532599c7b8de6296f20c9e0018c06cce7629c51768e70
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    232             fd2dd49babe7e16178f41b2681baae9387f6d6015b729aa291c35a3c167a
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             7654993bc91ec89e9c03b75058bfb3976ab5fb0f31e03c9026f27922203e
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             2d195bd485e7d0a8760b15b84628b67dce521a9bd005815c87e10cc47f95
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             f5ccc267d66dafcdca144ad060dc4c35fd6e62f17939ab3d86dc57133d53
1439992295000   TCP     16      6       120     78.186.179.127  7609    185.9.159.244   22      40
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.127  7609    296             f547cdbdafda615dec8728211a6dba030da3e2b84f323f714a14c110198e
1439992295000   TCP     24      6       120     78.186.179.127  7609    185.9.159.244   22      104             140560d1d0c567ef45f16e50f9a2e045c1650b43034c8cb21b27408714f5
1439992295000   TCP     24      6       64      185.9.159.244   22      78.186.179.1

Open in new window



and the column order is :

Time
Protocol Name
Flags
Protocol ID
TTL
SRC IP
SRC Port
Dest IP
Dest Port
Data Length
First 30 Byte of data




Is there any possible way to collect information with awk as this :


every unique ip wheter in source or destination got how many connections

like that :
ipaddress      InboundConnectionCount       OutBoundConnectionCount
Avatar of woolmilkporc
woolmilkporc
Flag of Germany image

Do you mean something like this?

awk '{O[$6]+=1; I[$8]+=1} END {for(n in I) printf "%15s %4d %4d\n",  n, I[n], O[n]}' inputfile.txt
Avatar of FireBall
FireBall

ASKER

[root@244 scripts]# awk '{O[$6]+=1; I[$8]+=1} END {for(n in I) printf "%15s %4d %4d\n",  n, I[n], O[n]}'  log.txt
                   1    1
   10.255.255.2 20840    0

it returned this

is there any possible way to remove if ip does not exist as given above  , remove the line
ASKER CERTIFIED SOLUTION
Avatar of woolmilkporc
woolmilkporc
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial