Awk to count matching IP address

new_buddy · May 27, 2008, 7:04am

Hi all,

I am kinda new to unix and shell programming. I am stucked with the raw data to do the filtering things. Generally, the output should count unique connected destination for each source and total of flows for it. Here is the example of input file:

  Source IP               Dest IP           No. of Flows
222.233.123.136   192.168.129.197      9
221.241.57.125    192.168.129.197      22
221.241.57.125    192.168.128.210       1
221.187.240.145   192.168.129.197     6
221.128.134.247   192.168.129.197     18
221.128.134.247   192.168.129.1        20

The output should be like this format

222.233.123.136   1     9
221.241.57.125     2    23
221.187.240.145    1    6
221.128.134.247   2    38

I am using awk for this job. Really need for help. Thanks in advance
Here is the piece of my coding.

awk 'BEGIN{SUBSEP="@"}
	
	count=0
 	{ for(i=1;i < NF;i++) 
	{ if ($i==$1)
		{ 
		src=$1
		conn=$3
		count++
		}
	}
	{
	if ($1==src)
	{
	while (count>1)
	{ conn += $3 }
	}	
	}
		unique[src,conn]++
}
	
			
END{
	for (i in unique){
	n=split(i,u,SUBSEP)
	print u[1]"   " unique"  "u[2]
 
}

}' tcpfile.sorted | sort -rn >> tcpfile.unique
}

Klashxx · May 27, 2008, 7:38am

Try:

awk 'NR>1{a[$1]++;b[$1]=b[$1]+$3}END{for (i in a) print i,a,b}' file|sort -rn

penchal_boddu · May 27, 2008, 7:51am

Hi Klashxx,

NR>1 condition is not needed i think . Infact it should not be there

Thanks
Penchal

new_buddy · May 28, 2008, 5:24am

Thanks you very much for your help.
It's working now.
Cheers..