Mailing List CGatePro@mail.stalker.com Message #105666
From: Martin Miller <anothersphere@gmail.com>
Subject: Using AWK on unix flavour to extract log information
Date: Tue, 2 Jun 2015 23:56:52 +1200
To: CommuniGate Pro Discussions <cgatepro@mail.stalker.com>
I want to extract all Failed to entries to pull the IP so I can deny.

Why? Its a little server and am tired of the continuous probes, and there is zero chance of legitimates being caught up in the fails.

Here is a typical log row:

23:31:51.485 1 SMTPI-002310([202.83.25.95]) failed to open ACCOUNT(corp) for [202.83.25.95]:52281->[192.168.1.67]:25. Error Code=account is routed to NULL

Can anyone suggest an awk statement to parse the above to get 202.83.25.95
Ideally using uniq to return unique list.

--
MJM
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster