How to sort output based on first column and merge the second column?

Asked Dec 25 '18 at 10:10

Active Dec 25 '18 at 15:19

Viewed 44 times

I have an output of the access log and I need to get the Ip address plus the date/time of it. The problem I am facing is when I need to filter the output mainly on the IP address and count the occurrence of it , I am having a duplicate of the IP if it's visiting my web server on different time, So how can i merge the date in such a situation

sudo zcat /var/log/nginx/access.log.2.gz | awk '{print $1 " " $4 " "$5}'| sort | uniq -c |sort -nr

 I expected this 
  1 77.222.139.* [23/Dec/2018:06:25:17]
  1 77.21.47.* [23/Dec/2018:15:21:38]
  1 76.231.246.* [23/Dec/2018:21:19:03]
  1 71.6.202.* [24/Dec/2018:05:34:20]
  2 69.58.178.* [23/Dec/2018:23:01:33]

but got this

  1 77.222.139.* [23/Dec/2018:06:25:17]
  1 77.21.47.* [23/Dec/2018:15:21:38]
  1 76.231.246.* [23/Dec/2018:21:19:03]
  1 71.6.202.* [24/Dec/2018:05:34:20]
  1 69.58.178.* [23/Dec/2018:23:01:33]
  1 69.58.178.*[23/Dec/2018:23:01:32]

edited Dec 25 '18 at 15:19

Ulrich Eckhardt

16,572
3
28
55

asked Dec 25 '18 at 10:10

`23/Dec/2018:23:01:33` and `23/Dec/2018:23:01:32` are not unique. You can use `awk` substring handling to ignore the time, see: [The Substr function](http://grymoire.com/Unix/Awk.html#uh-43) – David C. Rankin Dec 25 '18 at 10:31
Another option is the use of the stream editor `sed`. – Ulrich Eckhardt Dec 25 '18 at 15:19

How to sort output based on first column and merge the second column?

0 Answers0