sed on SunOS 5.10

Hello all,

I am having some problems using sed on a sunOS 5.10, I am using bash. For some reason the regexp I am trying to build is not working, even though it should.

I am trying to parse some syslog messages and I need to match the first IP address , then replace it with something else. Does anyone have a quick example of a sed line to match and replace an IP address ?

Thanks,
Sylaan

Show us the sed statement you have.

I just tried something simple first, like matching the first number and replacing it with some text:

server:~$ echo "This is an IP: 172.10.10.3 " | sed  -e "s/([01]?\d\d)/TEST/g"
This is an IP: 172.10.10.3

But it's not really working. What am I doing wrong ? This is the sed I am using:

server:~$ which sed
/usr/xpg4/bin/sed

What is ([01]?\d\d) ? That has a Perl resemblance.

Try this one

sed -e "s/[0-9]\{1,3\}\(\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\)/TEST\1/g"

[0-9]\{1,3\} is used to match numbers from 1 to 999
\. is used to match a '.'

It seems to work, it replaces the first byte of the IP:

server:~$ echo "This is an IP: 3.10.10.3" | sed -e "s/[0-9]\{1,3\}\(\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\)/TEST\1/g"
This is an IP: TEST.10.10.3

How would I go about replacing the whole IP ?

How do you think that can be done ? Any tries ? I have explained what the regex is.

I think I got it, I need to remove the \1 at the end.

You are on your way. But what is inside \1 ? How did I collect the pattern inside \1 ?

I thought that is what's inside the (, ) but that does not encompasses the whole pattern.

Ok, I just moved the first \( and now \1 is the whole pattern, I can replace it and it works :slight_smile: Thanks for your help so far.

Now I need to do something else. I actually need to replace the IP with a hostname. I have a small script that does this but I am not sure how to pass the \1 to my script, inside the sed statement.

Normally the script does this:

server:~$ res 10.1.1.3
host1.domain.com

The res script is just a simple grep script:

server:~$ cat bin/res
#!/usr/bin/bash
grep -w $1 /etc/hosts | cut -f2

But when I try to integrate it into the sed line, I get this:

server:~$ echo "This is an IP: 10.10.2.10" | sed -e "s/\([0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\)/`res "\1" `/g"
grep: RE error in \<\1\>: number in \[0-9] invalid
This is an IP:

The grep inside "res" does not like the \1, which I kinda understand. Thing is, if I do a simple echo "\1" instead of the res "\1" then it works, the \1 is replaced with the actual IP from the sed statement.

Any ideas ?

Thanks,
Sylaan

What about

NAME=$(res 10.1.1.3)
echo "This is an IP: 10.10.2.10" | sed -e "s/[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}/$NAME/g"

That works but I kinda need to use the \1, the IP address that I matched. The lines I am going to parse will be syslog entries, which contain IP addresses. I just need to tail the syslog, pipe it through the sed statement and replace the IP address with its equivalent hostname (which I get via the small res script).