[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [shell-script-pt] Parser em log pflogfile
|
From: |
Blau Araujo |
|
Subject: |
Re: [shell-script-pt] Parser em log pflogfile |
|
Date: |
Thu, 11 Mar 2021 09:35:15 -0300 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 |
Salve!
Eu fiquei curioso pra saber o tempo que isso levaria (ou se funcionaria):
```
awk '$0~"pass in" && $0!~"icmp" { split($12,out,"."); print
substr(out[5], 1, length(out[5])-1) }' <(gzip -dc SEU_ARQUIVO) | sort |
uniq -c | sort -rn | awk 'NR <= 20 {print $1";"$2}'
```
Abraços!
Blau Araujo
-----------------------------
https://debxp.org
https://ask.debxp.org
https://blauaraujo.com
Em 10/03/2021 19:22, Marcelo Primo por (shell-script-pt) escreveu:
Mar 09 00:00:03.146758 rule 12/(match) pass in on em0:
198.199.88.65.61953 > *192.168.1.143.9004**:* S 3776023135:3776023135(0)
win 1024
Mar 09 00:00:03.151840 rule 12/(match) pass in on em0:
198.199.88.65.61953 > *192.168.1.176.9004:* S 4103556202:4103556202(0)
win 1024
Mar 09 00:00:03.168233 rule 12/(match) pass in on em0:
203.212.200.241.58481 > *192.168.1.210.23:* S 1794254071:1794254071(0)
win 5808 <mss 1452,sackOK,timestamp 63610891 0,nop,wscale 2> (DF)
Mar 09 00:00:03.190210 rule 12/(match) pass in on em0:
178.175.97.53.46828 > *192.168.1.210.23:* S 700145820:700145820(0) win
5808 <mss 1452,sackOK,timestamp 159224881 0,nop,wscale 1> (DF) [tos 0x4]
Mar 09 00:00:03.213339 rule 12/(match) pass in on em0:
131.159.24.205.51075 > *192.168.1.212.80:* S 2924909527:2924909527(0)
win 65535 <sackOK,timestamp 4294967295 16843009,wscale
1,nop,opt-34:,opt-64:,opt-30:00810c0c0c0c0c0c0c0c,eol>
Mar 09 00:00:03.263630 rule 12/(match) pass in on em0:
138.197.180.77.61953 > *192.168.1.194.10000:* S 3809871894:3809871894(0)
win 1024
Mar 09 00:00:03.394312 rule 12/(match) pass in on em0:
178.175.97.53.53172 > *192.168.1.210.23:* S 2983985618:2983985618(0) win
33941 [tos 0x4]
Mar 09 00:00:03.500488 rule 12/(match) pass in on em0:
171.67.71.100.35957 > *192.168.1.249.8848:* S 1091778644:1091778644(0)
win 65535
Mar 09 00:00:03.637855 rule 12/(match) pass in on em0:
203.212.200.241.58457 > *192.168.1.210.23:* S 1746544785:1746544785(0)
win 5808 <mss 1452,sackOK,timestamp 63610938 0,nop,wscale 2> (DF)
- [shell-script-pt] Parser em log pflogfile, Marcelo Primo, 2021/03/10
- Re: [shell-script-pt] Parser em log pflogfile, Julio C. Neves, 2021/03/10
- Re: [shell-script-pt] Parser em log pflogfile,
Blau Araujo <=
- Re: [shell-script-pt] Parser em log pflogfile, Blau Araujo, 2021/03/11
- Re: [shell-script-pt] Parser em log pflogfile, Marcelo Primo, 2021/03/11
- Re: [shell-script-pt] Parser em log pflogfile, Blau Araujo, 2021/03/11
- Re: [shell-script-pt] Parser em log pflogfile, Marcelo Primo, 2021/03/11
- Re: [shell-script-pt] Parser em log pflogfile, Arkanon, 2021/03/11
- Re: [shell-script-pt] Parser em log pflogfile, Marcelo Primo, 2021/03/11
- Re: [shell-script-pt] Parser em log pflogfile, Arkanon, 2021/03/11
- Re: [shell-script-pt] Parser em log pflogfile, Arkanon, 2021/03/12
- Re: [shell-script-pt] Parser em log pflogfile, Arkanon, 2021/03/12
- Re: [shell-script-pt] Parser em log pflogfile, Marcelo Primo, 2021/03/12