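I'm trying to sort a log file to get the total count of unique IP addresses, and to do something with the addresses that occur more than n times. This is my first command: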
$ grep -B 1 "foobar" ip.log | grep "IP Address" > ip_count.log
Output:
IP Address : 133.55.39.56
IP Address : 116.243.70.151
IP Address : 117.46.13.194
IP Address : 115.179.82.10
IP Address : 13.123.2.123
IP Address : 13.123.2.123
IP Address : 13.123.2.123
IP Address : 13.123.2.123
IP Address : 13.123.2.123
IP Address : 13.123.2.123
IP Address : 13.123.2.123
IP Address : 13.123.2.123
IP Address : 13.123.2.123
IP Address : 33.123.2.123
IP Address : 33.123.2.123
IP Address : 33.123.2.123
IP Address : 33.123.2.123
IP Address : 33.123.2.123
IP Address : 33.123.2.123
If I do this, I get the proper counts:
$ awk '{print $4}' ip_count.log | uniq -c
1 133.55.39.56
1 116.243.70.151
1 117.46.13.194
1 115.179.82.10
9 13.123.2.123
6 33.123.2.123
But if I do this, I don't:
$ while read -r line ; do c=$(echo $line | awk '{print $4}' | \
uniq -c | awk '{print $1}') ; if [[ $c -gt 1 ]]; then echo "$line" ; \
fi ; done < ip_count.log
1 133.55.39.56
1 116.243.70.151
1 117.46.13.194
1 115.179.82.10
1 13.123.2.123
1 13.123.2.123
1 13.123.2.123
1 13.123.2.123
1 13.123.2.123
1 13.123.2.123
1 13.123.2.123
1 13.123.2.123
1 13.123.2.123
1 33.123.2.123
1 33.123.2.123
1 33.123.2.123
1 33.123.2.123
1 33.123.2.123
1 33.123.2.123
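I'm not sure what I'm doing wrong in the loop, so maybe someone can tell me. There's always some better way to combine all of this into a single command, so any tips are appreciated, thanks.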
It seems there is no need for a loop:
uniq -c ip_count.log | awk '$1 > 1 { print $1" "$5 }'
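
An added example, not part of the original posts: `uniq -c` only merges adjacent identical lines, so on a log where the same address recurs non-contiguously the counts split unless the input is sorted first. The sketch below does the selection and the counting in one awk pass over the raw log and derives both the unique total and the over-threshold list from it. The function names and the sample log are constructed for illustration, and it assumes the `IP Address : x` line sits directly before the matching line, as the `grep -B 1` in the question implies.

```shell
#!/bin/sh
# ip_hits PATTERN < log
# Prints one "count ip" line per unique address whose "IP Address : x" line
# is immediately followed by a line containing PATTERN (fixed string).
ip_hits() {
    awk -v pat="$1" '
        # Current line matches and the previous line carried an address.
        index($0, pat) && prev_ip != "" { hits[prev_ip]++ }
        # Remember the address for the next line, or clear it.
        { prev_ip = ($1 == "IP" && $2 == "Address") ? $4 : "" }
        END { for (ip in hits) print hits[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# ip_over N PATTERN < log : only addresses seen more than N times.
ip_over() { ip_hits "$2" | awk -v n="$1" '$1 > n'; }

# ip_unique PATTERN < log : total number of distinct addresses.
ip_unique() { ip_hits "$1" | wc -l | tr -d ' '; }

# Constructed sample log (documentation address ranges); the repeated
# addresses are deliberately not adjacent.
sample_log() {
    cat <<'EOF'
IP Address : 192.0.2.10
Event : foobar
IP Address : 198.51.100.7
Event : foobar
IP Address : 192.0.2.10
Event : foobar
IP Address : 203.0.113.5
Event : other
IP Address : 192.0.2.10
Event : foobar
IP Address : 198.51.100.7
Event : foobar
EOF
}

echo "unique: $(sample_log | ip_unique foobar)"
sample_log | ip_over 2 foobar
```

Against a real file the calls become `ip_unique foobar < ip.log` and `ip_over n foobar < ip.log`, with no intermediate `ip_count.log`.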