Forum

Results 1 to 3 of 3
  1. #1
    Join Date
    August 2008
    Location
    Whois
    Posts
    586

    Find a User or IP in Logfiles

    Hello there,

    sometimes i have a problem to find some IP's or Names im my Logfiles.
    So this nerved me every time, now i have write a little script to help me
    by search.

    I would not like to keep it from you.

    Create a Script named: show_connects.sh with:
    Code:
    #!/bin/bash
    cat ts3server_*.log \
      | grep "client connected" \
      | grep -v "query client connected" \
      | grep -v "ENTER YOU SERVER IP HERE" \
      | perl -pe "s/^(2[0-9\-]+) .+ client connected '(.+)'.+ from ([0-9\.]+):[0-9]+$/\1\t\2\t\3/g" \
      | sort
    Save this Script in /path/to/ts3/logs

    Now create a new Script, where u like with this:
    Code:
    #!/bin/bash
    clear
    
     cd path/to/ts3/logs //EDIT THIS LINE!!!
    
    echo -en '\E[40;32m'"Search in TS3 Logfile by Name, IP or Date"
    echo
    echo 'Dateformat: yyyy-mm-dd'
    echo 'IPFormat: xxx.xxx.xxx.xxx'
    echo
    echo
    echo -en '\E[40;31m'"Enter Name / IP or Datum: "
    tput sgr0
    read NAME
    echo
    echo
    ./show_connects.sh | grep -i $NAME | sort | uniq -c | sort -nr
    echo
    echo
    tput sgr0
    So but now i need help too, how i am able format the output?
    I like create a Table or so... But my skill doesnt have fineout outputs on a shell ^^

    My idea was for the output: ( So this looks like fine )

    date name ip | date name ip | date name ip | date name ip
    date name ip | date name ip | date name ip | date name ip
    date name ip | date name ip | date name ip | date name ip
    date name ip | date name ip | date name ip | date name ip
    date name ip | date name ip | date name ip | date name ip
    date name ip | date name ip | date name ip | date name ip
    date name ip | date name ip | date name ip | date name ip
    date name ip | date name ip | date name ip | date name ip
    date name ip | date name ip | date name ip | date name ip
    date name ip | date name ip | date name ip | date name ip

  2. #2
    Join Date
    May 2010
    Posts
    6,310
    Hello

    More simple, for your search, you can use the database (log table) and sql commands.

  3. #3
    Join Date
    August 2008
    Location
    Whois
    Posts
    586
    Thanks but i think it isnt easer...

    first i must dump the file
    .mode list
    .header on
    .out logs.dmp
    select * from log;

    so i have to do this i have this format
    44682|1|1287388904|4|VirtualServer|query\sclient\s connected\s'Unknown\sfrom\s85.25.120.233:43828'(id :266)
    44683|1|1287388904|4|VirtualServer|query\sclient\s disconnected\s'TSViewer.com\sDBscan\sREG\s929163'( id:266)\sreason\s'reasonmsg=disconnecting'

    log_id|server_id|log_timestamp|log_level|log_chann el|log_msg

    ok i can grep me out some informations
    cat logs.dmp | grep "connected" | grep -v "query" | cut -d "|" -f3,6 blablabla but now i must convert the timestamp and the \s is a problem too... i dont know but i thinks its not the best way for my aim

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Help me to find an user!!!
    By R7Community in forum Server Support
    Replies: 2
    Last Post: August 6th, 2013, 07:01 AM
  2. Erweiterte Logfiles?
    By Kayaro in forum Off Topic
    Replies: 1
    Last Post: January 8th, 2012, 03:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •