Grep?

Discuss Programming
Post Reply
byrdman
administrator
administrator
Posts: 225
Joined: Thu May 08, 2003 1:59 pm
Location: In the cloud

Grep?

Post by byrdman » Tue Aug 18, 2009 9:19 am

I have a secure log file that reads:

Aug 17 09:09:09 hostname sshd[pid] :Accepted public key for user from x.x.x.x port 49332 ssh2

I want to create a php page that just displays :

Aug 17 09:09 user ipaddress

if I dump the secure log into a db, it will get huge but I was hoping I could create a cron that 'cat' the secure log and the output would just have the date, user, and ipaddress.

Am I going down the right path by using grep in an advanced way
My ultimate goal is to have a web page that will display the connected users and their ip addresses

(kiosk project)

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Tue Aug 18, 2009 9:42 am

There are many ways you can do this but just from the command line using a couple of UNIX commands:

Code: Select all

grep "Accepted public key for" /var/log/secure | tr -s ' ' | cut -f1-3,10,12 -d' '
You could also do a simple Perl script that would read the log (like a "tail -f") and pick out the values from the lines you want and enter them into your MySQL table with datetime, user, ip columns. Your php script could then search that table.

byrdman
administrator
administrator
Posts: 225
Joined: Thu May 08, 2003 1:59 pm
Location: In the cloud

Post by byrdman » Mon Aug 31, 2009 1:51 pm

Code: Select all

 grep "swf/" Playlist.xml | tr -s ' '|cut -f2 -d ' ' | cut -c 10-

This gives me
File1.swf' />
Another_File2.swf'/>
Different_FIle3.swf'/>

How can I use something like what I have above to get rid of the last three characters of my output? the single quote, the slash, and the >

then take the correct output which should be:

File1.swf
Another_File2.swf
Different_File3.swf
and remove everything in the swf/ folder but the output files? Make sense?

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Mon Aug 31, 2009 2:24 pm

Tack on to the end:

Code: Select all

 grep "swf/" Playlist.xml | tr -s ' '|cut -f2 -d ' ' | cut -c 10- | cut -f1 -d"'"

byrdman
administrator
administrator
Posts: 225
Joined: Thu May 08, 2003 1:59 pm
Location: In the cloud

Post by byrdman » Mon Aug 31, 2009 2:57 pm

Perfect. Thank you!

Now I have the output of the files that I want to KEEP in that certain directory.

I want to delete ALL the files that are in the directory that are not in the output.
So because File4.swf and File5.swf did not show up in the output, they are no longer needed, they should be deleted.
Am I going about this the right way?

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Mon Aug 31, 2009 7:51 pm

It's probably easiest to do it in a couple of steps in your script:

Code: Select all

#!/bin/bash
cd /flashdir
grep "swf/" Playlist.xml | tr -s ' '|cut -f2 -d ' ' | cut -c 10- | cut -f1 -d"'" > /tmp/playfiles.lst
ls *.swf > /tmp/dirfiles.lst
cat /tmp/playfiles.lst /tmp/dirfiles.lst | sort | uniq -u | xargs rm -f
Of course there are a thousand different ways to do this.

Post Reply