Get count of IP addresses in a log file arranged in descending order of frequency

From Notes_Wiki

Home > Shell scripting > Useful bash shell scripts > Get count of IP addresses in a log file arranged in descending order of frequency

To get count of IP addresses in a log file arranged in descending order of frequency use following steps:

  1. Get all the IPs from log file into a temporary file:
    grep -o '\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}' log-file > ip1.txt
  2. Remove set of IPs that are not important such as loop-back or machines own IP address or local IP ranges
    grep -v 127.0.0.1 ip1.txt | grep -v 1.2.3.4 | grep -v '^192\.168' > ip2.txt
  3. Sort IPs, get count of each IP with help of "uniq -c" and then again sort in reverse order of frequency using sort:
    cat ip2.txt | sort | uniq -c | sort -rnb > ip3.txt
  4. Final temporary file (eg ip3.txt in above command) would have IPs arranged in descending order of frequency with frequency also mentioned in front of each IP



Home > Shell scripting > Useful bash shell scripts > Get count of IP addresses in a log file arranged in descending order of frequency