There are times that that Windows makes it difficult to do tasks that are trivial to accomplish on Linux. Simple text processing is a perfect example. I recently had the need to find out all the unique host IP addresses that had used SMTP to connect to an Exchange server during a period of time. I use an advanced reporting package on my Exchange servers but it is geared toward business decisions and capacity planning. It works very well but does not analyze data at this level which leaves me to find a solution to this problem on my own.
Fortunately, I have GnuWin32 installed on my workstation and it gives me the use of traditional Linux/Unix utilities such as cut, sort, uniq and grep. Looking at the SMTP logs I see that the fields are separated by a space and the IP address of each connection is listed in the third column. So I copy the log files for the period to my desktop computer where I have GnuWin32 installed. I cd to the directory where the log files are located and run the following command:
cut -f 3 -d ” ” *.log | sort | uniq > results.txt
I modify it slightly to find all of the unique internal hosts that have connected to the SMTP server.
cut -f 3 -d ” ” *.log | sort | uniq | grep “172.16.” > results.txt
GnuWin32 makes it a simple and fun task where Windows has no easy equivilant.
Post a Comment