Tried to create a script that would be a little more efficient than grepping for one IP address at a time from a long list provided:
#!/bin/bash
# Tried to make searching through logs more efficient with this script by batching the grep statements
arrayIPAddr=()

# Run one grep over the log for every address currently in the batch
search_batch() {
    local args=() ip
    for ip in "${arrayIPAddr[@]}"; do
        args+=(-e "$ip")
    done
    # -F treats each address as a literal string, so "." is not a regex wildcard
    grep -F "${args[@]}" logfile.txt
}

while read -r line
do
    arrayIPAddr+=("$line")
    # Search as soon as 15 addresses have been collected, then start a new batch
    if [ "${#arrayIPAddr[@]}" -eq 15 ]; then
        search_batch
        arrayIPAddr=()
    fi
done < "ipList.txt"

# Search the last 1 to 14 addresses left over after the final full batch of 15
if [ "${#arrayIPAddr[@]}" -gt 0 ]; then
    search_batch
fi
As far as results, with this I was able to cut the amount of time it took down to 5 seconds to search the log. Thought this would be a helpful script to hold onto for future reference.
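The same search generalised to a list of any length, as an added example that is not part of the original post: the whole list goes to grep as one pattern file, so there is no batch size and no leftover tail, and matching is literal and whole-word so `10.0.0.1` does not also hit `10.0.0.10`. The function names and the sample data are constructed for illustration; `ipList.txt` and `logfile.txt` are the file names used in the post.

```shell
#!/bin/sh
# Added example: search a log for a whole address list in a single grep pass.
# Function names and the sample data are constructed for this illustration.

# Normalise the list: strip CRs and surrounding whitespace, drop blank lines
# and '#' comments (an empty pattern would make grep match every log line).
clean_ip_list() {
    tr -d '\r' < "$1" |
        sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d' -e '/^#/d' |
        sort -u
}

# Run grep once with the cleaned list as its pattern file; extra options
# (such as -o) are passed through. Returns 1 when nothing matched.
# -F literal strings, -w whole words only, so 10.0.0.1 does not hit 10.0.0.10.
grep_list() {   # usage: grep_list ipList.txt logfile.txt [grep options]
    gl_list=$1 gl_log=$2
    shift 2
    gl_tmp=$(mktemp) || return 2
    clean_ip_list "$gl_list" > "$gl_tmp"
    gl_rc=1
    if [ -s "$gl_tmp" ]; then
        grep -F -w "$@" -f "$gl_tmp" "$gl_log" && gl_rc=0
    fi
    rm -f "$gl_tmp"
    return "$gl_rc"
}

# Every log line that mentions a listed address.
search_log() { grep_list "$1" "$2"; }

# "address count" pairs for the addresses that actually appear in the log.
count_hits() {
    grep_list "$1" "$2" -o | sort | uniq -c | awk '{ print $2, $1 }'
}

# Constructed sample input (private and documentation-range addresses).
make_sample() {   # usage: make_sample DIR
    printf '10.0.0.1\r\n\n# watchlist\n192.168.5.20\n  203.0.113.7\n' > "$1/ipList.txt"
    cat > "$1/logfile.txt" <<'EOF'
Oct 29 10:00:01 sshd[100]: Failed password for root from 10.0.0.1 port 4022
Oct 29 10:00:02 sshd[101]: Failed password for root from 10.0.0.10 port 4023
Oct 29 10:00:03 sshd[102]: Failed password for admin from 203.0.113.7 port 4024
Oct 29 10:00:04 sshd[103]: Accepted password for bob from 198.51.100.9 port 4025
Oct 29 10:00:05 sshd[104]: Failed password for root from 203.0.113.7 port 4026
EOF
}

if [ "$#" -eq 2 ]; then search_log "$1" "$2"; fi
```

Run as `sh script.sh ipList.txt logfile.txt` to print the matching lines; `count_hits` shows which listed addresses were seen and how often, which helps triage a long list.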
Twitter: @lokut
This blog is for educational purposes only. The opinions expressed in this blog are my own and do not reflect the views of my employers.
Tuesday, October 29, 2013