[ale] Is awk the right tool for this?

Kevin Krumwiede krum at smyrnacable.net
Tue May 7 01:03:37 EDT 2002


I want to go through my firewall logs and extract the source address of
dropped packets.  I can't just use cut to get the right field because of
different flags on the packets.  So how do I get just the token that
begins with "SRC="?  I have a feeling awk is the tool for the job, but I
don't really know how to use it.

grep dropped /var/log/kernel/info | ??? | sort | uniq | ...

Thanks,
Krum


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list