Ah, the easy
answer is that grep is not the way. You want something a little higher up
on the food chain, awk.
gawk "$4 == 2"
netflow.txt
or the identical
but clearer:
gawk "$4 == 2
{print $0}" netflow.txt
will parse the
file called netflow.txt and only output the the whole row where column
4 is equal to 2.
Getting sums out
of the rows will require programming. awk can do this in a brief script,
but you may be happier doing it somewhere else (think of awk as the
prototype for Perl).
If you knew that
you were really only interested in interface 2 and that column 12 contained
"bytes in" (hypothetically, I don't really know the contents of each of the
columns in your example), this would do the trick nicely:
gawk "$4 == 2
{total+= $7} END {print total}" netflow.txt
You could easily
extend that script to keep running totals for various values in column $12
(which I'm guessing is the destination port), if you know which values you care
about ahead of time, or get really fancy and use an indexed array and let awk
keep track of each port as index values.
I hope that gives
you enough of a head start,
Andrew
8)
-----Original Message-----
From: serge [mailto:[EMAIL PROTECTED]
Sent: Saturday, May 29, 2004 10:03 AM
To: [EMAIL PROTECTED]
Subject: [Declude.JunkMail] OT: GREP Help NeededFrom the grep expertBelow is a sample log file (cisco netflow output)1- how can we export the lines with interface number 2 (in red) to another smaller file2- can we easily get bytes totals per ipadress, port #, ...216.226.209.180 202.59.119.218 10.0.6.1 2 4 6 304 2004-05-27 19:12:47.097 2004-05-27 19:12:57.097 5466 6346 3 6 0 0 0 24 0 208.154.200.5
192.36.125.2 208.154.200.6 208.154.200.6 4 2 1 233 2004-05-27 19:12:43.109 2004-05-27 19:12:43.109 53 1090 16 17 0 0 0 0 25 208.154.200.5
208.154.200.6 193.0.0.193 10.0.6.1 2 4 1 69 2004-05-27 19:12:43.113 2004-05-27 19:12:43.113 1090 53 16 17 0 0 0 25 0 208.154.200.5
65.57.234.3 216.226.209.154 216.226.209.154 1 2 1 40 2004-05-27 19:12:43.209 2004-05-27 19:12:43.209 6667 55790 16 6 0 0 0 0 24 208.154.200.5
216.226.209.144 213.30.182.60 10.0.6.1 2 4 2 112 2004-05-27 19:12:42.545 2004-05-27 19:12:43.041 0 771 16 1 0 0 0 24 0 208.154.200.5
66.118.142.125 216.226.209.133 216.226.209.133 1 2 2 106 2004-05-27 19:12:41.285 2004-05-27 19:12:42.897 65475 1034 24 6 0 0 0 0 24 208.154.200.5
216.226.209.183 216.155.193.182 10.0.6.1 2 4 2 156 2004-05-27 19:12:41.493 2004-05-27 19:12:43.069 10784 119 24 6 0 0 0 24 0 208.154.200.5
216.226.209.183 68.96.10.174 10.0.6.1 2 4 3 132 2004-05-27 19:12:39.081 2004-05-27 19:12:42.769 10728 60633 24 6 0 0 0 24 0 208.154.200.5