linux:bash:sample:filter-regex-mendapatkan-ip-address-dari-string-log

Bash Script: Cara Mendapatkan Ip Address Dari String dengan Regex

Bagaimana cara menggunakan bash regex untuk mendapatkan ip address dari string log seperti ini

2020-01-11 09:45:15 login authenticator failed for (User) [46.38.144.202]: 535 Incorrect authentication data (set_id=na@mailku.net)
2020-01-11 09:45:15 login authenticator failed for (User) [46.38.144.64]: 535 Incorrect authentication data (set_id=maximus@mailku.net)
2020-01-11 09:45:15 login authenticator failed for (User) [46.38.144.124]: 535 Incorrect authentication data (set_id=reklama@mailku.net)
2020-01-11 09:45:15 login authenticator failed for (User) [46.38.144.202]: 535 Incorrect authentication data (set_id=na@mailku.net)
2020-01-11 09:45:16 login authenticator failed for (User) [46.38.144.57]: 535 Incorrect authentication data (set_id=traveler@mailku.net)
2020-01-11 09:45:18 login authenticator failed for (User) [46.38.144.57]: 535 Incorrect authentication data (set_id=traveler@mailku.net)
2020-01-11 09:45:18 login authenticator failed for (User) [46.38.144.231]: 535 Incorrect authentication data (set_id=premium@mailku.net)
2020-01-11 09:45:18 login authenticator failed for (User) [46.38.144.247]: 535 Incorrect authentication data (set_id=ns31@mailku.net)
2020-01-11 09:45:19 login authenticator failed for (User) [46.38.144.146]: 535 Incorrect authentication data (set_id=ggutierrez@mailku.net)
2020-01-11 09:45:20 login authenticator failed for (User) [46.38.144.64]: 535 Incorrect authentication data (set_id=maximus@mailku.net)

Hasil yang ingin didapatkan adalah ip addressnya saja, maka anda bisa menggunakan kode berikut ini :

tail -n 10 /var/log/exim/mainlog | grep 'login authenticator failed' | awk '{print $8'} | egrep -o '([0-9]{1,3}\.){3}[0-9]{1,3}'

Hasil yang didapatkan adalah

46.38.144.117
46.38.144.64
46.38.144.231
46.38.144.124
46.38.144.17
46.38.144.247
46.38.144.79
46.38.144.17
46.38.144.202
46.38.144.179

dari hasil tersebut apabila ada yang duplikat kita bisa menggunakan uniq

tail -n 10 /var/log/exim/mainlog | grep 'login authenticator failed' | awk '{print $8'} | egrep -o '([0-9]{1,3}\.){3}[0-9]{1,3}' | uniq

Demikian selamat berkreasi

Sumber :

Pages in this namespace:

No pages in this namespace.

Layanan

Harga Domain .COM | Harga Domain .ID | Shared Hosting | Email Hosting | MySQL Hosting |
linux/bash/sample/filter-regex-mendapatkan-ip-address-dari-string-log.txt · Last modified: 2020/01/11 10:00 by kbadmin