firewall log parsing scratch notes

From cpwiki.net

Revision as of 14:12, 8 October 2014 by Nighthawk (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Check Point Profressional Services

command run on "fw log" output to txt file...

cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | awk -F ";" '{print $3}' | awk "{print $2}' |  uniq -c | sort -rn | head

cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)}' | uniq -c | sort -rn | head

cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)}' | sort | uniq -c | sort -n -r | head

cat /var/tmp/CLM_2014-10-03_06-00-00_to_09-00-00.log.txt | grep "src: 17.24.13.25" | awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)} ' | wc -l

awk '{for (i=1; i<=NF; i++) if ($i=="src:") print $(i+1)}' | sort | uniq -c | sort -n -r | head

Retrieved from "http://www.cpwiki.net/index.php?title=firewall_log_parsing_scratch_notes&oldid=544"