On Thu, 18 Dec 2003, GDHough wrote:

1 - How I can search for subnet matches in /var/log/messages, like I can in Ethereal.

Carefully-crafted regular expressions (as in, e.g., Awk and Perl) can do a lot of this, but it's somewhat inconvenient. You really want a tool that's aware of Internet addresses and can manipulate them as such. I'm sure somebody's got a library for that in Perl...

2 - How I can extract $omefield (columns?) and print $ame to $omefile after doin $ummath on $omefield.

This is definitely a job for Awk (if it's something not too complicated) or Perl (if you need library support for things like address manipulation). Awk is simpler and cleaner and easier to learn, but more limited, not least because it has no equivalent of Perl's enormous variety of libraries. Henry Spencer henry-lqW1N6Cllo0sV2N9l4h3zg at public.gmane.org -- The Toronto Linux Users Group. Meetings: http://tlug.ss.org TLUG requests: Linux topics, No HTML, wrap text below 80 columns How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml