Check out screend written by Paul Vixie a long time ago.  In my past, I 
wrote some perl scripts that basically gave the ability to the user to 
design a pattern array and count the number of occurrences of certain log 
messages, etc, etc.  The reporting functionality of those scripts provided 
the same ability as shown in some of the earlier FWTK reporting scripts, 
but with more flexibility. 






Gary White <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
04/05/00 06:52 AM

 
        To:     [EMAIL PROTECTED]
        cc: 
        Subject:        log analysis patterns...?


Hi-
My e-mail logs are lately full of addresses like the ones below.  When
summarizing them I'd like to reduce a list like this to just the common 
part
and show them as something like

owner-nolist-nnnnn*jdoe**dept*-domain*[EMAIL PROTECTED]

but my Perl skills fail me in trying to figure out how to do this easily.
Any suggestions for finding patterns like this would be most appreciated.
Thanks!
-Gary


owner-nolist-16081*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16088*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16089*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16090*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16091*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16092*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16093*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16128*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16150*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16151*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16165*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16221*jdoe**dept*-domain*[EMAIL PROTECTED]
__________________________________________________________________
Gary White               ARCO
[EMAIL PROTECTED]          2300 W Plano Parkway
(972) 509-6554           Plano, Texas 75075

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]


-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to