From the grep expert
Below is a sample log file (cisco netflow
output)
1- how can we export the lines with interface
number 2 (in red) to another smaller file
2- can we easily get bytes totals per ipadress,
port #, ...
216.226.209.180
202.59.119.218 10.0.6.1
2 4 6 304 2004-05-27
19:12:47.097 2004-05-27
19:12:57.097 5466 6346 3 6 0 0 0 24 0 208.154.200.5
192.36.125.2 208.154.200.6 208.154.200.6 4 2 1 233 2004-05-27 19:12:43.109 2004-05-27 19:12:43.109 53 1090 16 17 0 0 0 0 25 208.154.200.5
208.154.200.6 193.0.0.193 10.0.6.1 2 4 1 69 2004-05-27 19:12:43.113 2004-05-27 19:12:43.113 1090 53 16 17 0 0 0 25 0 208.154.200.5
65.57.234.3 216.226.209.154 216.226.209.154 1 2 1 40 2004-05-27 19:12:43.209 2004-05-27 19:12:43.209 6667 55790 16 6 0 0 0 0 24 208.154.200.5
216.226.209.144 213.30.182.60 10.0.6.1 2 4 2 112 2004-05-27 19:12:42.545 2004-05-27 19:12:43.041 0 771 16 1 0 0 0 24 0 208.154.200.5
66.118.142.125 216.226.209.133 216.226.209.133 1 2 2 106 2004-05-27 19:12:41.285 2004-05-27 19:12:42.897 65475 1034 24 6 0 0 0 0 24 208.154.200.5
216.226.209.183 216.155.193.182 10.0.6.1 2 4 2 156 2004-05-27 19:12:41.493 2004-05-27 19:12:43.069 10784 119 24 6 0 0 0 24 0 208.154.200.5
216.226.209.183 68.96.10.174 10.0.6.1 2 4 3 132 2004-05-27 19:12:39.081 2004-05-27 19:12:42.769 10728 60633 24 6 0 0 0 24 0 208.154.200.5
192.36.125.2 208.154.200.6 208.154.200.6 4 2 1 233 2004-05-27 19:12:43.109 2004-05-27 19:12:43.109 53 1090 16 17 0 0 0 0 25 208.154.200.5
208.154.200.6 193.0.0.193 10.0.6.1 2 4 1 69 2004-05-27 19:12:43.113 2004-05-27 19:12:43.113 1090 53 16 17 0 0 0 25 0 208.154.200.5
65.57.234.3 216.226.209.154 216.226.209.154 1 2 1 40 2004-05-27 19:12:43.209 2004-05-27 19:12:43.209 6667 55790 16 6 0 0 0 0 24 208.154.200.5
216.226.209.144 213.30.182.60 10.0.6.1 2 4 2 112 2004-05-27 19:12:42.545 2004-05-27 19:12:43.041 0 771 16 1 0 0 0 24 0 208.154.200.5
66.118.142.125 216.226.209.133 216.226.209.133 1 2 2 106 2004-05-27 19:12:41.285 2004-05-27 19:12:42.897 65475 1034 24 6 0 0 0 0 24 208.154.200.5
216.226.209.183 216.155.193.182 10.0.6.1 2 4 2 156 2004-05-27 19:12:41.493 2004-05-27 19:12:43.069 10784 119 24 6 0 0 0 24 0 208.154.200.5
216.226.209.183 68.96.10.174 10.0.6.1 2 4 3 132 2004-05-27 19:12:39.081 2004-05-27 19:12:42.769 10728 60633 24 6 0 0 0 24 0 208.154.200.5
216.226.209.180 202.59.119.218 10.0.6.1 2 4 6 304 2004-05-27 19:12:47.097 2004-05-27 19:12:57.097 5466 6346 3 6 0 0 0 24 0 208.154.200.5 192.36.125.2 208.154.200.6 208.154.200.6 4 2 1 233 2004-05-27 19:12:43.109 2004-05-27 19:12:43.109 53 1090 16 17 0 0 0 0 25 208.154.200.5 208.154.200.6 193.0.0.193 10.0.6.1 2 4 1 69 2004-05-27 19:12:43.113 2004-05-27 19:12:43.113 1090 53 16 17 0 0 0 25 0 208.154.200.5 65.57.234.3 216.226.209.154 216.226.209.154 1 2 1 40 2004-05-27 19:12:43.209 2004-05-27 19:12:43.209 6667 55790 16 6 0 0 0 0 24 208.154.200.5 216.226.209.144 213.30.182.60 10.0.6.1 2 4 2 112 2004-05-27 19:12:42.545 2004-05-27 19:12:43.041 0 771 16 1 0 0 0 24 0 208.154.200.5 66.118.142.125 216.226.209.133 216.226.209.133 1 2 2 106 2004-05-27 19:12:41.285 2004-05-27 19:12:42.897 65475 1034 24 6 0 0 0 0 24 208.154.200.5 216.226.209.183 216.155.193.182 10.0.6.1 2 4 2 156 2004-05-27 19:12:41.493 2004-05-27 19:12:43.069 10784 119 24 6 0 0 0 24 0 208.154.200.5 216.226.209.183 68.96.10.174 10.0.6.1 2 4 3 132 2004-05-27 19:12:39.081 2004-05-27 19:12:42.769 10728 60633 24 6 0 0 0 24 0 208.154.200.5
