On Thursday 07 July 2005 19:32, A. Khattri wrote: > On Thu, 7 Jul 2005, Michael Thompson wrote: > > I am trying to extract information in my logs for a abuse department and > > am using the code: > > > > Code: > > > > zcat /var/log/messages.*?.gz | grep 212.56.68.108 >> /home/mike/abuse1 > > > > The logs are standard: messages.??.gz > > > > However, when I examine the output, it starts on the 1st may, however the > > logs contain details from the 25th Febuary. What am I doing wrong? > > Show us some sample log lines.
Apr 24 06:39:51 polaris INPUT BLOCKED: IN=eth1 OUT= MAC=00:09:5b:1f:16:42:06:05:5d:9f:a3:74:08:00 SRC=212.56.68.108 DST=212.159.25.17 LEN=71 TOS=0x00 PREC=0xA0 TTL=58 ID=0 DF PROTO=UDP SPT=46245 DPT=161 LEN=51 -- Mike To see the world in a grain of sand, and to see heaven in a wild flower, hold infinity in the palm of your hands, and eternity in an hour. GnuGPG KeyID:=FC0D8D9A -- gentoo-user@gentoo.org mailing list
