- AWK e log Syslog
+ Responder ao Tópico
-
AWK e log Syslog
Colegas, preciso fazer um script para refinar esse tipo de log abaixo:
Jun 5 04:19:31 fw2000 fw2000 dhcpd: Both dynamic and static leases present for 10.0.1.108.
Jun 5 04:19:31 fw2000 fw2000 dhcpd: Either remove host declaration Alcy or remove 10.0.1.108
Jun 5 04:19:31 fw2000 fw2000 dhcpd: from the dynamic address pool for 10.0.0.0
Jun 5 04:19:31 fw2000 fw2000 dhcpd: DHCPREQUEST for 10.0.1.108 from 00:0d:88:9d:b8:05 via eth0
Jun 5 04:19:31 fw2000 fw2000 dhcpd: DHCPACK on 10.0.1.108 to 00:0d:88:9d:b8:05 via eth0
Jun 5 04:20:32 fw2000 fw2000 dhcpd: Both dynamic and static leases present for 10.0.1.141.
Jun 5 04:20:32 fw2000 fw2000 dhcpd: Either remove host declaration PrefeituraMunicipal or remove 10.0.1.141
Jun 5 04:20:32 fw2000 fw2000 dhcpd: from the dynamic address pool for 10.0.0.0
Jun 5 04:20:32 fw2000 fw2000 dhcpd: DHCPREQUEST for 10.0.1.141 from 00:0f:3d:68:1a:9d via eth0
Jun 5 04:20:32 fw2000 fw2000 dhcpd: DHCPACK on 10.0.1.141 to 00:0f:3d:68:1a:9d via eth0
Jun 5 04:24:31 fw2000 fw2000 dhcpd: Both dynamic and static leases present for 10.0.1.108.
Jun 5 04:24:31 fw2000 fw2000 dhcpd: Either remove host declaration Alcy or remove 10.0.1.108
Jun 5 04:24:31 fw2000 fw2000 dhcpd: from the dynamic address pool for 10.0.0.0
Jun 5 04:24:31 fw2000 fw2000 dhcpd: DHCPREQUEST for 10.0.1.108 from 00:0d:88:9d:b8:05 via eth0
Jun 5 04:24:31 fw2000 fw2000 dhcpd: DHCPACK on 10.0.1.108 to 00:0d:88:9d:b8:05 via eth0
Jun 5 04:25:32 fw2000 fw2000 dhcpd: Both dynamic and static leases present for 10.0.1.141.
Jun 5 04:25:32 fw2000 fw2000 dhcpd: Either remove host declaration PrefeituraMunicipal or remove 10.0.1.141
Jun 5 04:25:32 fw2000 fw2000 dhcpd: from the dynamic address pool for 10.0.0.0
Esse script é do log dhcp do meu firewall, e eu precisava saber quem estaria online nos ultimos 5 minutos, sendo assim penso em fazer um script com AWK para refinar esse log, e gostaria de ter uma saída neste formato:
Usuário | IP | MAC | Data/Hora
se alguém puder ajudar, ficarei muito grato.
-
AWK e log Syslog
cat log | grep DH | awk {'print $9 $11 $1 $2 $3'}
-
AWK e log Syslog
Cara,
arp -a , mostra quem se comunicou com o seu host nos últimos 20 minutos aproximadamente. Acho que isso pode te ajudar.
Abraços,
Fabio Laé
-
Re: AWK e log Syslog
Boa noite..
Vc poderia me informar usuário e senha padrão do do FW2000?