| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13
Comments:
<0> o yeah
<0> im just making up for my 1 week absence next week
<1> what was his name?
<0> mmm
<0> had 0s in it
<1> omikron
<0> omikron
<0> yeah
<2> thx for your help
<3> what is top 5? the first 5 in the file?
<4> the top 5 hits
<4> or the "most" hits
<3> oh
<4> to see what source ips got denied the most
<5> oh, so you need to 1) make a list of the source ips, and 2) grep for each and count their hits, and 3) find the top hitters
<4> right
<4> so i grep on DENIED in the log file and awk out the ip's
<5> imageek: something like grep -o [ip-pattern] [file] | sort -u | while read one_ip; do echo -n $one_ip; grep -c $one_ip [file]; done | awk '{print $2" "$1}' | sort -n
<1> as if webalizer wasn't already invented ;)
<5> this sounds like a better idea...
<5> (webalizer ... whatever that is ... is certainly better than my silly script)
<4> lol
<1> Vasistha: it creates webpages (statistics) from webserver/proxy logfiles
<4> well these log files reside on our main internet firewall where squid and dansguardian run in transparent proxy .. and i would rather not put something like webalizer on there
<4> but.. i might just copy them off and do it if thats what my boss would like
<1> funtime
<1> *wave*
<4> right now he just wants the top 5 sites denied and the top 5 internal ips denied
<5> imageek: honestly, though, that little script I just wrote, with a little adaptation, might do what you want
<5> imageek: does that stuff all make sense?
<4> yes.. im looking at it
<4> i will play with it
<3> it's amazing that people in such positions couldn't do something so easy
<5> imageek: it may behoove you to make a copy of the log with all timestamps stripped, and sort by IP ... depending on the sizes of things, you could speed things up with a bit of trickery
<5> uniplex: I dunno ... different people have different skill sets. I'm more a programmer, I can't *stand* system administration, and I've got a buddy who's a decent sys admin (for what he does, and needs to do) but not much of a programmer
<4> well.. im technically a security guy, but they dont have linux admins here so the security guys get to do it
<3> it is a scary world we live in
<6> :)
<7> hey guys, quick question
<7> domain="$i | gawk 'BEGIN { FS="/" }{ print $4 }' ";
<7> is that possible in any way?
<6> what are you trying to do?
<5> cry0gen: you probably want domain="$( commands )"
<8> what's in the variable i?
<7> just a for loop of /home/httpd/vhosts/*
<8> .... what??
<7> for i in /home/httpd/vhosts/*;
<5> cry0gen: oh, and that should be echo "$i" not just a standing $i
<7> ahh
<7> so
<7> domain=""$i" | gawk 'BEGIN { FS="/" }{ print $4 }' ";
<5> cry0gen: you're missing $()
<8> and the echo you JUST TOLD HIM to use...
<5> heh, and that...
<5> he basically just didn't change it at all from the first example
<7> domain=$("$i" | gawk 'BEGIN { FS="/" }{ print $4 }' );
<5> cry0gen: echo, echo!!
<7> oh lol
<7> totally blanked out
<5> cry0gen: now, tias ;-)
<8> why does it have to hurt so much....
<7> thanks,
<7> was reading advanced bash scripting guide, wasn't sure about how to execute
<8> maybe you need to read the basic one first.
<9> how could I shell script something simple like this: if $3 contains a char of '/' do some command?
<10> what [!A-Z] mean in bash regular expression
<11> !A-Z ?
<10> i don't know i see it in someone script
<12> GUIPEnguin_: [[ "$3" != ${3/\/} ]] && some command
<10> it's [!A-Z] and it's work fine
<10> but i don't know what this mean
<12> GUIPEnguin_: pardon, you should use quotes around "${3/\/}", too
<9> thanks a lot
<9> i'll try it
<8> it means a character which is either an exclamation point or a capital letter.
<9> thats a lot different then the if something do this... else if do this
<9> thing im used to
<10> greycat, so it's not like [^A-Z]
<12> GUIPEnguin_: it just looks different, you can use also: if [[ "$3" != ${3/\/} ]] ; then .... ; fi
<12> argh... missed the quotes again (it would hurt if ${3} contains spaces.
<12> GUIPEnguin_: if [[ "$3" != "${3/\/}" ]] ; then .... ; fi (just to have it correct at least once ;)
<9> lol, much thanks
<8> you don't need the quotes inside [[ ]]
<10> greycat, thanks much
<9> is it nessesary to use ; before fi ? or can you just do fi at the end
<8> ; can be replaced with a newline.
<8> it's a command separator
<10> I need to check if a variable contains any numberic characters, how can i do that?
<9> k
<8> if [[ $foo = *[0-9]* ]]
<10> hmmm
<10> thanks much
<13> I need to loop through all subdirs and files from a given path. I can't seam to find an exampel in the topic links, are there a way to do this? Know of an example I can have a look at?
<6> to do what?
<12> grepper: oh, didn't know I wouldn't need quotes in [[ ]] - thanks
<13> goldfish, was that for me?
<6> m_abs: yes.
<6> what do you need to loop through them for?
<12> ooops. greycat I meant. thank you greycat... (I think I should get some coffee now)
<8> m_abs: find | while read ...
<13> goldfish, I'm converting my collection of FLAC-files (all from my original CDs) to mp3 for my portable mp3-player. The files are sorted in dirs after artist, album and some cd in album.
<13> greycat, will what handle spaces in paths?
<5> m_abs: actually, I believe it will. find | while read line; do ... (remember, though, to quote "$line")
<8> !faqspaces
<14> http://wooledge.org/mywiki/BashFaq#faq20 -- How can I find and deal with file names containing newlines, spaces or both?
<8> "while read" will only choke on newlines or *leading* spaces.
<13> greycat, thanks :)
<5> *cringe warning* ::: this is the stupidest thing I think I have ever seen anyone do in a *long* time: <HellDragon> i did a chmod 777 on all the files of my comp <HellDragon> i dont need to be root anymore to do things
<6> haha.
<6> What channel ? :)
<8> sounds like #debian.
<5> freenode-social
<8> except in #debian, they would've got to stage 2: "I did chmod -R 777 / and now foo, bar, and baz are broken... how do I put it back?"
<8> it wasn't quite a FAQ, but it wasn't entirely uncommon
<15> well
<8> and then we'd say "restore from your last backup"
<15> and on #debian on ircnet, stage3 would be "You will not help me? YOU ****ING BASTARD"
<5> hum ... does opening permissions actually break stuff? I can't say I've ever done the 'tias' on that...
<16> Sounds like the perfect moment to suggest they install Windows98 instead. No f.cking problems with ACL's-
<8> and they'd say "my last *what*?"
<8> predictable as mosquito bites in a swamp.
<5> I asked him why he didn't just convert his partition to fat32 ;-)
<16> Vasistha
<16> Vasistha: sshd will not like too wide permissions.
<15> Vasistha: he'd need symlinks...
<17> if I have a command outputing several lines, how would I go about squishing those lines together in a single line?
<5> MiniMax: ahha. well, perhaps I should go advise him to run sshd and xhost +
<8> oh, it breaks all kinds of things.
<15> GSF: tr -d "\n"
<17> thanks
<8> they're pretty subtle at first
<18> on a single-user machine there's no point to user/super-user separation.
<8> kothog: wrong.
<15> single-user, offline
<15> etc. etc.
<15> also it protects you from human error a bit
<5> it protects you from being stupid, and puts you into good habits.
<18> right, so let's ***ume the competent user isn't stupid for a moment, shall we. In essence, I am ***uming that those participating in this discussion are in that "competent" range.
<15> heh
<15> let's also asume we can all live in peace and harmony
<18> besides that, the reality is that anything important the user is working on, or any documents, aren't going to be subject to that protection anyway. the rest is just simple system config.
<0> OMG php ****s ***
<16> kothog: Do you run a web-server on that single-user machine?
<0> why o why did i ever write anything in it
<15> _sho_: I _so_ second that opinion
<8> MiniMax: why would he? he's obviously just a windows luser at heart, who hasn't learned how Unix works yet.
<5> _sho_: it's interesting that you're saying that in #bash ... I find the languages strikingly similar ... *dodges attack*
<15> even worse than php are thirteen years old progamer 'PHP coders'
Return to
#bash
or
Go to some related
logs:
config_lo
debian cups start stop
rdesktop 5190
c201 ubuntu
#physics
#ubuntu
how to send a magic packet
#oe
#linux
key ID 025e513b
|
|