On Thu, Jul 07, 2005 at 07:18:26PM +0100, Michael Thompson wrote: > I am trying to extract information in my logs for a abuse department and am > using the code: > > Code: > > zcat /var/log/messages.*?.gz | grep 212.56.68.108 >> /home/mike/abuse1 > > The logs are standard: messages.??.gz > > However, when I examine the output, it starts on the 1st may, however the > logs > contain details from the 25th Febuary. What am I doing wrong?
This isn't the cause of your problem (which has probably been solved by some of the other posts), but don't forget that grep matches regexps, not strings, and "." in a regexp matches any single character. Therefore your code will match "212a56b68c108" (for example), as well as the ip you probably intended to match. To make sure you only match the ip, you'll need to escape the .s and surround the regexp by quotes: grep '212\.56\.68\.108' I'm probably telling you things you already know ;-) And it probably won't matter much anyway, but I thought I'd mention it in case it helps someone. Toby -- Quantum Information Theory group Max Planck Institute for Quantum Optics Garching, Germany email: [EMAIL PROTECTED] web: www.dr-qubit.org -- gentoo-user@gentoo.org mailing list
