Home
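# Welcome to the commands wiki!

# Packet-filter triage: keep lines that mention a 10.6.20.x address and also
# contain a dotted quad whose last octet starts with 10, drop lines containing
# "accept" or dstport="8080", then print the distinct values of
# whitespace-separated field 16.
#
# The dots are escaped so that "." matches a literal dot only. Unescaped, each
# "." matches any character, so digit groups separated by ":" or "-" (for
# example a timestamp) would satisfy the second filter and let unrelated lines
# through.
# NOTE(review): the patterns are still unanchored - "\.10" also matches
# .100-.109 and "10\.6" also matches 110.6. Tighten them against the real log
# layout if exact hosts matter.
# NOTE(review): which value sits in field 16 depends on the log format, which
# is not shown here - confirm before relying on the output.
grep -E '10\.6\.20\.[0-9]+' packetfilter.log |
  grep -E '[0-9]+\.[0-9]+\.[0-9]+\.10' |
  grep -vF -e 'accept' -e 'dstport="8080"' |
  awk '{ print $16 }' |
  sort -u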
# Follow packetfilter.log as it grows. For every line, print only those of the
# first 30 whitespace-separated fields that contain "2014", "dstip", "srcip",
# "srcport" or "dstport". A newline is emitted for every input line, so a line
# with no matching field shows up as an empty line.
# NOTE(review): "2014" presumably picks out the timestamp field; the year is
# hard-coded and has to be changed for logs from other years.
tail -f packetfilter.log |
  awk '{
    for (col = 1; col <= 30; col++) {
      if ($col ~ /2014|dstip|srcip|srcport|dstport/) {
        printf "%s ", $col
      }
    }
    printf "\n"
  }'
# Follow http.log as it grows. For every line, print only those of the first
# 30 whitespace-separated fields that contain "2014", "user", "dstip", "srcip"
# or "url". A newline is emitted for every input line, so a line with no
# matching field shows up as an empty line.
# NOTE(review): "2014" presumably picks out the timestamp field; the year is
# hard-coded and has to be changed for logs from other years.
tail -f http.log |
  awk '{
    for (col = 1; col <= 30; col++) {
      if ($col ~ /2014|user|dstip|srcip|url/) {
        printf "%s ", $col
      }
    }
    printf "\n"
  }'
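# HTTP log lines that mention a 10.6.12.x address. The dots are escaped so
# they match a literal "." only, not any character.
grep --color -E '10\.6\.12\.[0-9]+' http.log

# HTTP log lines that contain "ocyrus" but not "pass".
grep ocyrus http.log | grep -v 'pass'

# Build whitelist.txt from the "proceed" lines of the files matching
# http-2014-07-*: take field 12, strip the leading url=" and the next double
# quote, count identical values, and sort by count.
#
# The sed expressions are single-quoted on purpose. Left bare, the two double
# quotes pair up across the pipe, and the shell hands one mangled script to a
# single sed instead of running two substitutions.
# sort -n orders the uniq -c counts numerically, independent of locale.
# NOTE(review): the last sed uses X as its delimiter and removes a
# www.google.de redirect prefix. With the "p" flag and no -n, every line it
# rewrites is written twice - confirm whether "sed -n" or no "p" was intended.
# NOTE(review): the entries are URLs taken verbatim from request logs. Review
# whitelist.txt before any filter consumes it.
grep proceed http-2014-07-* |
  awk '{ print $12 }' |
  sed -e 's/url="//' -e 's/"//' |
  sort |
  uniq -c |
  sort -n |
  sed 'sXhttp://www.google.de/url?[A-Za-z0-9].*url=XXp' > whitelist.txt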