Hi, I need a help.
I have the following log file entries
[28 Mar 2019 13:11:48,576] [Nsh-Proxy-Thread-102] [INFO] [admhowdy@blog.com:UNIXAdmins:100.0.0.1] [ROSSOPRO
XY] Connected to srtmm.blog.com with a socket descriptor 344
I want the date "28 Mar 2019 13:11:48,576" and username admhowdy@blog.com and ip address 100.0.0.1.
How to achieve this?
Thanks,
Dinesh
Well, at least, you should show us some attempts at the problem.
Try this awk
awk ' {gsub("\\[|\\]","",$0); split($7,a,":"); date=$1 FS $2 FS $3 FS $4; print date, a[1], a[3] } ' <your file>
Regards
Peasant.
Thank you very much. Next time I will post what I tried.
gsub("\\[|\\]", "", $0) can be simplified gsub("[][]", "")
Explanation: in a RE a [ ] character set cannot be empty so an immediate ] is a character. And $0 is default in sub() and gsub().
A good alternative is to use this RE as a field separator; then the even fields $2 $4 ... are within the square brackets:
awk -F '[][]' '{ split($8, a, ":"); print $2, a[1], a[3] }' filename