1

I have the access.log file with more than 1000 X-Forwarded-For log entries like the following

142.245.59.16, 67.69.175.224, 69.31.97.126 - - [22/Sep/2015:20:00:02 -0400] "GET /company-information/cs/null?path=%
157.55.39.76, 184.27.179.176, 165.254.1.175 - - [22/Sep/2015:20:00:05 -0400] "GET /metricstream/--ID__100325--/free-co-profile.xhtml
10.70.33.32 - - [22/Sep/2015:20:00:22 -0400] "GET /autodiscover/autodiscover.xml
172.30.152.90, 198.178.234.30, 184.27.120.46, 69.31.97.126 - - [22/Sep/2015:20:03:37 -0400] "GET /company-information/cs/null?path

with this log entries, I have to grep and extract them to the access_log.txt file like the following output

142.245.59.16 - - [22/Sep/2015:20:00:02 -0400] "GET /company-information/cs/null?path=%
157.55.39.76 - - [22/Sep/2015:20:00:05 -0400] "GET /metricstream/--ID__100325--/free-co-profile.xhtml
10.70.33.32 - - [22/Sep/2015:20:00:22 -0400] "GET /autodiscover/autodiscover.xml
172.30.152.90 - - [22/Sep/2015:20:03:37 -0400] "GET /company-information/, csnull ?path

which is to leaving the first ip as it is and remove the following two or more ips, i have also tired the REGEX : /\, .*?\ -/g but i don't know how to apply it in unix sed command. please help to solve this using Unix command

anubhava
  • 761,203
  • 64
  • 569
  • 643
thamizhinian
  • 83
  • 1
  • 11

2 Answers2

1

You can use this sed command:

sed 's/, [^-]*- -/ - -/' file.log
142.245.59.16 - - [22/Sep/2015:20:00:02 -0400] "GET /company-information/cs/null?path=%
157.55.39.76 - - [22/Sep/2015:20:00:05 -0400] "GET /metricstream/--ID__100325--/free-co-profile.xhtml
10.70.33.32 - - [22/Sep/2015:20:00:22 -0400] "GET /autodiscover/autodiscover.xml
172.30.152.90 - - [22/Sep/2015:20:03:37 -0400] "GET /company-information/cs/null?path
anubhava
  • 761,203
  • 64
  • 569
  • 643
0

That way : sed 's/\, .* -/ -/g' ./access.log

Nicolas M
  • 81
  • 5