Wednesday, 23 September 2009

Filter some IP from SQUID access log

I need to filter some "friendly" IP from the SQUID access_log file to minimize lines to analyze. I have a file with a list of IP addresses:

#cat friends.txt

First I have wrote perl script to do that. It was a quick way :-). But today I have found more elegant solution:
#grep -v -f friends.txt access_log>new-file


-v, --invert-match
Invert the sense of matching, to select non-matching lines.

-f FILE, --file=FILE
Obtain patterns from FILE, one per line. The empty file contains zero patterns, and therefore matches nothing.
What means I have more carefully read command's man pages!

No comments: