Linux Log File Tips and Tricks

IP Addresses

Extract all IP addresses from a log

cat LOG.FILE | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | sort

Display Unique IP address

cat LOG.FILE | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | sort | uniq

Display Unique IP address and number of occurances

Note: Sort must come before unique for this to work cat LOG.FILE | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | sort | uniq -c