CODEWITHSUNDEEP
regexawksedlogparser
linuxman
linuxman

Reputation: 61

How to parse Dante log file

I have a dante socks log file and trying to a way out to parse getting two parts and seperate them with a semicolon.

Log File contains:

Sep 11 03:02:00 (1568505720.145620) danted[10402]: info: pass(2): tcp/connect -: pam.username%[email protected] 123.12.12.112.1080 -> 123.12.12.112.48198 111.123.123.147.443 (319721)
Sep 11 03:02:00 (1568505720.147471) danted[10402]: info: pass(2): tcp/connect -: pam.username%[email protected] 123.12.12.112.1080 -> 123.12.12.112.37449 123.123.123.211.443 (312)
Sep 11 03:02:00 (1568505720.148240) danted[10402]: info: pass(2): tcp/connect -: 111.123.123.147.443 123.12.12.112.48198 -> 123.12.12.112.1080 pam.username%[email protected] (723)
Sep 11 03:02:00 (1568505720.154784) danted[10402]: info: pass(2): tcp/connect -: 123.123.123.211.443 123.12.12.112.37449 -> 123.12.12.112.1080 pam.username%[email protected] (8831)

Basicly, I want to get after pam.username% to fetch to username and data rate inside of two parenthesise like 8831 so end up something like below:

MyUsername;319721
MyUsername;312
MyUsername;723
MyUsername;8831

I guess awk and sed/regex knowledge would be great at that point.

Thanks in advance,

Upvotes: -3

Views: 485

Answers (3)

Toto
Toto

Reputation: 91373

A perl way:

perl -ane 's/^.+?pam\.username%([^@]+).+?\((\d+).*$/$1;$2/;print' file.log
MyUsername;319721
MyUsername;312
MyUsername;723
MyUsername;8831

Upvotes: 1

RavinderSingh13
RavinderSingh13

Reputation: 133428

Using GNU awkand gensub function of it, could you please try following.

awk '
BEGIN{
  regex=".*(pam.username%[^@]*).*\\((.*)\\)"
}
{
  val=gensub(regex, "\\1;\\2","1",$0)
  sub(/[^%]*%/,"",val)
  print val
}
'  Input_file

Upvotes: 0

vs97
vs97

Reputation: 5859

Try using the following regex:

pam\.username%([A-Za-z0-9]+)@|\s\(([0-9]+)\)

Regex Demo

Explanation:

pam\.username%([A-Za-z0-9]+)@  # Match any A-Za-z0-9 between pam.username% and @ - Group 1
|                              # Or
\s\(([0-9]+)\)         # Match any digits between parenthesis following a whitespace - Group 2

Access the username via Group 1, and the data rate via Group 2.

Upvotes: 0

Related Questions