How to properly pin this BASH operator?
What is the best loop to use for this line of code I have made that goes through the log file and finds lines that are not executed in $6
? Pretty fresh to BASH and LINUX and can't get any loop to work correctly.
Sep 13 12:09:39 icarus sshd[14043]: Failed none for invalid user 55659 Sep 13 12:09:43 icarus sshd[14043]: pam_unix(sshd:auth): check pass; user unknown Sep 13 12:09:43 icarus sshd[14043]: pam_unix(sshd:auth): Sep 13 12:09:44 icarus sshd[14043]: Failed password for invalid user 55659 Sep 13 12:09:48 icarus sshd[14043]: pam_unix(sshd:auth): check pass; user unknown Sep 13 12:09:50 icarus sshd[14043]: Failed password for invalid user 55659 from
sample team
cat auth.log | sed -e 's/,//g' | awk -F" " '{print $6}'
source to share
Instead of printing, $6
just print the lines where $6
"Failed" matches:
You had
cat auth.log | sed -e 's/,//g' | awk -F" " '{print $6}'
you can use
sed -e 's/,//g' auth.log | awk '$6=="Failed"'
(As others have pointed out, sed
can take a filename as an argument, and awk
by default it will strip out a space, so there is no need to provide an argument -F
.)
(There are no commas in your example input, so you might not even need the command sed
.)
source to share