Get count of IP addresses in a log file arranged in descending order of frequency
From Notes_Wiki
Home > Shell scripting > Useful bash shell scripts > Get count of IP addresses in a log file arranged in descending order of frequency
To get count of IP addresses in a log file arranged in descending order of frequency use following steps:
- Get all the IPs from log file into a temporary file:
- grep -o '\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}' log-file > ip1.txt
- Remove set of IPs that are not important such as loop-back or machines own IP address or local IP ranges
- grep -v 127.0.0.1 ip1.txt | grep -v 1.2.3.4 | grep -v '^192\.168' > ip2.txt
- Sort IPs, get count of each IP with help of "uniq -c" and then again sort in reverse order of frequency using sort:
- cat ip2.txt | sort | uniq -c | sort -rnb > ip3.txt
- Final temporary file (eg ip3.txt in above command) would have IPs arranged in descending order of frequency with frequency also mentioned in front of each IP
Home > Shell scripting > Useful bash shell scripts > Get count of IP addresses in a log file arranged in descending order of frequency