[ale] Text Processing Happiness - I'm no longer lost

Bruce callmebruce2002 at yahoo.com
Sat Aug 18 13:40:26 EDT 2007


Now, for step two.

I'm exporting tons of wonderful data, but want to find
out what unique applications are running. The records
look like this:
10.1.31.84,10.1.12.92,539,0,TCP_ars-master-3176-tcp,2,88,1
10.1.31.84,10.1.12.92,539,0,TCP_csd-mgmt-port-3071-tcp,2,88,1
10.1.31.84,10.1.12.92,539,0,TCP_d2000kernel-3119-tcp,2,88,1
10.1.31.84,10.1.12.92,539,0,TCP_feitianrockey-3152-tcp,2,88,1
10.1.31.84,10.1.12.92,539,0,TCP_hp-pxpib-3101-tcp,2,88,1
10.1.31.84,10.1.12.92,539,0,TCP_ncadg-ip-udp-3063-tcp,2,88,1
10.1.31.84,10.1.12.92,539,0,TCP_ndl-aas-3128-tcp,2,88,1
10.1.31.84,10.1.12.92,539,0,TCP_responsenet-3045-tcp,2,88,1
10.1.31.84,10.1.12.92,539,0,TCP_tarantella-3144-tcp,2,88,1
10.1.31.84,10.1.12.92,539,0,TCP_tip-app-server-3160-tcp,2,88,1

What I'd like to do is find out all the unique
applications that are running on the network. I want
to pipe in the file, use the comma as a field
delimiter - and strip out fields one, two, three, four
- keep field five (the application), then strip out
fields six, seven and eight (packets, octets and
flows). Once I get all the applications stripped out,
I'll do a sort uniq to get down to one instance per
app. 

I think the cut command would do the trick, and am
googling it. Is that the right direction? How do I
strip the fields and just leave the app. name there?

--- Bruce <callmebruce2002 at yahoo.com> wrote:

> Thanks! That did the trick. Now I'm collecting on
> all well-known and registered ports. 


       
____________________________________________________________________________________Ready for the edge of your seat? 
Check out tonight's top picks on Yahoo! TV. 
http://tv.yahoo.com/



More information about the Ale mailing list