Estrarre IP da file di log del LISTENER
Per cercare il log de listener fare:
# lsnrctl status
Esempio: Da questa riga che è in un file LISTENER.log di interesse
31-JAN-2023 23:58:53 * (CONNECT_DATA=(SID=PROT)(CID=(PROGRAM=JDBC Thin Client)(HOST=__jdbc__)(USER=tomcat))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.161.2.9)(PORT=41294)) * establish * PROT1 * 0
devo estrarre queste informazioni
(PROGRAM=JDBC Thin Client)(HOST=__jdbc__)(USER=tomcat))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.161.2.9)(PORT=41294))
Questi permette di avere una tabella che puoi portare anche in excel.
Ogni campo è separato da un pipe.
echo "SID|PROGRAM|HOST|USER|PROTOCOL|HOST|PORT" && cat listener.log |
awk -F= '{print $3 "§1§" $5 "§2§" $6 "§3§" $7 "§4§" $9 "§5§" $10 "§6§" $11}' |
sed 's/).*§1§/|/' | sed 's/).*§2§/|/' | sed 's/).*§3§/|/'| sed 's/).*§4§/|/'| sed 's/).*§5§/|/'| sed 's/).*§6§/|/'| sed 's/).*$//'
> estrazione.txt
- echo stampa i nomi di colonna
- awk separa le righe in campi utilizzando il simbolo "=" e inserisce dei bookmark
- i vari sed sostituiscono le parti inutili fino ai bookmark con un pipe
31-JAN-2023 23:58:53 * (CONNECT_DATA=(SID=PROT)(CID=(PROGRAM=JDBC Thin Client)(HOST=__jdbc__)(USER=tomcat))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.161.2.9)(PORT=41294)) * establish * PROT1 * 0
devo estrarre queste informazioni
(PROGRAM=JDBC Thin Client)(HOST=__jdbc__)(USER=tomcat))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.161.2.9)(PORT=41294))
Questi permette di avere una tabella che puoi portare anche in excel.
Ogni campo è separato da un pipe.
echo "SID|PROGRAM|HOST|USER|PROTOCOL|HOST|PORT" && cat listener.log |
awk -F= '{print $3 "§1§" $5 "§2§" $6 "§3§" $7 "§4§" $9 "§5§" $10 "§6§" $11}' |
sed 's/).*§1§/|/' | sed 's/).*§2§/|/' | sed 's/).*§3§/|/'| sed 's/).*§4§/|/'| sed 's/).*§5§/|/'| sed 's/).*§6§/|/'| sed 's/).*$//'
> estrazione.txt
- echo stampa i nomi di colonna
- awk separa le righe in campi utilizzando il simbolo "=" e inserisce dei bookmark
- i vari sed sostituiscono le parti inutili fino ai bookmark con un pipe
Oppure
grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b' listner.log > IP_PROT.txt
-o Only print the matched (IP address) parts of matching lines.
-E Use extended regular expressions.
'\b([0-9]{1,3}\.){3}[0-9]{1,3}\b': The regular expression pattern that matches IP addresses.
\b
Word Boundary: This ensures that the match occurs at a word boundary. A word boundary is a position where a word character is not followed or preceded by another word character. This helps in avoiding partial matches within larger strings of digits.
([0-9]{1,3}\.){3}:
[0-9] Matches any digit from 0 to 9.
{1,3} Specifies that the preceding digit must appear between 1 and 3 times. This matches numbers from 0 to 999.
\.: The backslash \ is an escape character, and \. matches a literal period .. Without the backslash, the period would match any character.
([0-9]{1,3}\.){3} This whole part matches three groups of 1 to 3 digits followed by a period. It ensures that the first three octets of the IP address are matched.
[0-9]{1,3}:
This part matches the final octet of the IP address, which is also a number between 1 and 3 digits long.
\b
Word Boundary: This ensures that the match ends at a word boundary, making sure that the matched IP address is not part of a larger string of digits.
Per eliminare i record duplicati:
sort -u IP_PROT.txt > IP_PROT02.txt
Da lo stesso risultato questo ma con tempi più lunghi
cat IP_PRT.txt | sort | uniq
Verifica tempi:
time sort -u IP_ASSV.txt | wc -l
49 --> righe restituite
real 2m32.799s
user 2m30.727s
sys 0m0.530s
time cat IP_ASSV.txt | sort | uniq | wc -l
49 --> righe restituite
real 2m28.588s
user 2m35.486s
sys 0m1.300s
