Mailing List Message #105666
From: Martin Miller <>
Subject: Using AWK on unix flavour to extract log information
Date: Tue, 2 Jun 2015 23:56:52 +1200
To: CommuniGate Pro Discussions <>
I want to extract all Failed to entries to pull the IP so I can deny.

Why? Its a little server and am tired of the continuous probes, and there is zero chance of legitimates being caught up in the fails.

Here is a typical log row:

23:31:51.485 1 SMTPI-002310([]) failed to open ACCOUNT(corp) for []:52281->[]:25. Error Code=account is routed to NULL

Can anyone suggest an awk statement to parse the above to get
Ideally using uniq to return unique list.

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster