[nycbug-talk] Text parsing question
maddaemon at gmail.com
maddaemon at gmail.com
Mon Dec 15 18:49:40 EST 2008
List,
I'm hoping someone can help me with this...
I'm trying to search for a pattern in a text file that contains login
info from a syslog and weed out entries that are duplicated with
differnt IP addresses.
For example, here are 2 lines:
Dec 15 05:15:56 - abc1234 tried logging in from 192.168.8.17
Dec 15 05:15:56 - abc1234 tried logging in from 192.168.18.13
where 192.168.8.17 is the Windows DC, and the other is the IIP of the
webmail server.
I need to remove the line that contains the DC _ONLY_WHEN_ there is a
duplicate entry (same timestamp) with another IP. The text file
contains hundreds of other entries, and there are single entries where
the DC IP is the only entry. Using the above examples, I need to
remove the first line and only retrieve the second line:
Dec 15 05:15:56 - abc1234 tried logging in from 192.168.18.13
Does anyone know how to go about doing this? I was going to try using
sed and compare the lines looking for the same timestamp + username +
IP1/IP2, but it gave me a headache when I tried to wrap my head around
the logic.
TIA
More information about the talk
mailing list