2

I have a question regarding the use of some more advanced grep, awk, sed. I have a log file, for a proprietary MTA, that contains IPs in a string, delimited by [redacted]^~x.x.x.x^[redacted]. So far all of my grepping, awking, and sedding hasn't gotten me very far.

This log file has 331520 lines in it. My goal was to simply grep out the IPs, then do a for loop with sed, to sed 's/$i/redacted'. I'm including a sample of one of the log entries. If you all have any idea, I would be greatly appreciative.

Jun  4 15:21:52 host.name mta-name: 13388^~88/CC-04671-FCA0DCF4^~D^~<redactedmessageid>^~@^~redacteduser@domain.tld^~redacted.hostname^~000.00.000.000^~port^~esmtp^~^~external_routing_nobounce^~0^~0.51^~subjectofmessage^~250 2.6.0 <redactedmessageid> [InternalId=2178458] Queued mail for delivery    
Dennis Williamson
Harry

2 Answers

4

Do you want to replace the IP addresses with the string "[redacted]"? There's no need to grep then sed in a loop. sed gives you a loop and "grepping" for free.

sed 's/\^~[[:digit:]]\+\(\.[[:digit:]]\+\)\{3\}\^~/^~[redacted]^~/' logfile
Dennis Williamson
0

I figured this out. More man pages. A little modifying of my grep command with a -o showed me a list of the addresses; with sort | uniq, I was able to get a list:

grep -o '[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*' log.file | sort -n | uniq
Dennis Williamson
Harry
  • That is not quite right since * matches zero-or-more and you want one-or-more so replace each * with + and use egrep or grep -E. You do not need the -n in sort (or if you do want it, you should extend it for each octet using -t and -k) and sort -u means you do not need uniq. – ramruma Jun 24 '12 at 05:45
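An added example, not part of either answer or the comment: it combines the sed redaction with the comment's advice on `grep -E` and `sort -u -t . -k`, and matches an address only when it fills a whole `^~` field. The function names and the sample lines are constructed for illustration (documentation-range addresses, shortened fields).

```shell
#!/bin/sh
# Added example. sample_log, list_ips and redact_ips are hypothetical names.

# Constructed sample lines in the ^~-delimited layout shown in the question.
sample_log() {
cat <<'EOF'
Jun  4 15:21:52 host.name mta-name: 13388^~88/CC-1^~D^~<id1>^~@^~a@domain.tld^~mail.example^~192.0.2.10^~25^~esmtp^~^~route^~0^~0.51^~hello^~250 2.6.0 <id1> Queued mail for delivery
Jun  4 15:21:53 host.name mta-name: 13388^~88/CC-2^~D^~<id2>^~@^~b@domain.tld^~mail.example^~198.51.100.7^~25^~esmtp^~^~route^~0^~0.40^~upgrade to 1.2.3.4^~250 2.6.0 <id2> Queued mail for delivery
Jun  4 15:21:54 host.name mta-name: 13388^~88/CC-3^~D^~<id3>^~@^~c@domain.tld^~mail.example^~192.0.2.9^~25^~esmtp^~^~route^~0^~0.12^~hello^~250 2.6.0 <id3> Queued mail for delivery
Jun  4 15:21:55 host.name mta-name: 13388^~88/CC-4^~D^~<id4>^~@^~d@domain.tld^~mail.example^~192.0.2.10^~25^~esmtp^~^~route^~0^~0.33^~hello^~250 2.6.0 <id4> Queued mail for delivery
EOF
}

# List each distinct address once, ordered numerically octet by octet.
# Every ^~ delimiter becomes a newline so that grep -x only accepts a field
# that is nothing but a dotted quad; "1.2.3.4" inside a subject is ignored.
# The line break inside the sed script is the portable way to emit a newline.
list_ips() {
    sed 's/\^~/\
/g' "$@" |
        grep -Ex '[0-9]+(\.[0-9]+){3}' |
        sort -u -t . -k1,1n -k2,2n -k3,3n -k4,4n
}

# Replace every whole-field dotted quad with [redacted], keeping the
# delimiters so the field count of each record does not change.
# The :a/ta loop re-scans the line after each substitution, which also
# covers two address fields sitting directly next to each other.
redact_ips() {
    sed -E -e ':a' \
        -e 's/\^~[0-9]+(\.[0-9]+){3}(\^~|$)/^~[redacted]\2/' \
        -e 'ta' "$@"
}

# Usage (file names are placeholders):
#   list_ips log.file
#   redact_ips log.file > log.file.redacted
```

Comparing the output of `list_ips` before redaction with the same command run on the redacted copy (which should print nothing) is a quick check that no address field was missed.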