secheese
I have a script that monitors a firewall drop log file and I need to
pull the protocol fields. I used to know exactly where this field
was, so I could easily get the field with this statement:
PROTOCOL=`awk '{print $5}'`
But now the logs are dynamic and the field can be anywhere. One thing
I do know is that the protocol field always follows a field labelled
"proto". Thus the following command gets it for me:
PROTOCOL=`echo ${LINE} | sed -n 's/^.* proto //p' | cut -f1 -d" "`
Trouble is, this command takes about 10 times as long to run as the
awk did. The result is that the execution time for my script overall
has gone from about 1 minute to 10 minutes.
Can anyone think of a faster way to get the job done? BTW, perl is
available, but I'm unfamiliar with the language.
Thanks.
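Added example, not part of the original post: the sed/cut pipeline starts extra processes for every log line, so the sketch below shows two ways to avoid that, a per-line extraction using only shell parameter expansion and a single awk pass over the whole file. The names get_proto, protos_from_log and SAMPLE_LOG are hypothetical, and the log lines are constructed since the post does not show the real format.

```shell
# Constructed sample drop-log lines; the "proto" field moves around.
SAMPLE_LOG='Jan 10 12:00:01 fw drop src 10.0.0.5 dst 192.0.2.1 proto tcp dport 22
Jan 10 12:00:02 fw drop proto udp src 10.0.0.9 dst 192.0.2.1 dport 53
Jan 10 12:00:03 fw drop src 10.0.0.7 dst 192.0.2.1 len 60
Jan 10 12:00:04 fw drop src 10.0.0.8 rule noproto-check proto icmp'

# Per-line extraction with parameter expansion only: no fork, no pipe.
# Sets PROTOCOL to the word after the last " proto " field (the same
# match the greedy sed expression makes) and returns 1 if there is none.
get_proto() {
    line=" $1 "                 # pad so a leading/trailing "proto" is seen
    rest="${line##* proto }"    # drop everything through the last " proto "
    if [ "$rest" = "$line" ]; then
        PROTOCOL=""
        return 1
    fi
    PROTOCOL="${rest%% *}"      # keep only the first word of what remains
}

# Whole-file extraction: one awk process for the entire log. Scans each
# line from the right so it also picks the last "proto" field.
# Reads the files given as arguments, or stdin if there are none.
protos_from_log() {
    awk '{
        for (i = NF - 1; i >= 1; i--)
            if ($i == "proto") { print $(i + 1); break }
    }' "$@"
}

# Demonstration on the constructed sample, using the per-line form the
# way a monitoring loop would.
printf '%s\n' "$SAMPLE_LOG" | while IFS= read -r LINE; do
    get_proto "$LINE" && printf '%s\n' "$PROTOCOL"
done
```

Call get_proto directly rather than inside backticks or $( ), since a command substitution starts a subshell and brings back the per-line cost.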