Thursday, March 13, 2008

AWK 1 liners

how to find the websites visited by particular IP from squid access logs?

grep -E '192\.168\.12\.35' /var/log/squid/logs/access.log | awk '{print $7;}' | sort | sed 's/http:\/\///' | cut -d ':' -f 1 | cut -d '/' -f 1 | uniq

  1. grep -> get only entries related to 192.168.12.35
  2. awk -> take 7th column, the URL
  3. sort -> sort them
  4. sed-> remove http:// from URL
  5. cut -> remove port number
  6. cut -> remove directory and file information
  7. uniq -> remove duplicate entries
good na...
Posted by at

1 comment:

Anonymous said...

ya its gud....
but its like love... u dont know wat will come out of that expression till u see the o/p on the screen

Thursday, March 13, 2008 at 9:27:00 PM PDT

Post a Comment

Subscribe to: Post Comments (Atom)