题
我有一个不错的管理脚本,用于检查IP在网络应用程序上登录的内容,但我需要在开始时使用whois更喜欢它,然后我想到了Geoip。
目前,我已经散布了其中的一部分 - 我的问题是因为有多个ips- whois不知道该怎么办
对此有什么想法会很棒吗?而且,关于地理杂志的想法也很可爱!
干杯
#!/bin/bash
#Setting date and time (y and z aren't being used at the moment)
x="$(date +'%d/%b/%Y')"
y="$(date +'%T')"
z="$(date +'%T' | awk 'BEGIN { FS =":"} ; {print $1}')"
#Human readable for email title
emaildate=$(date +"%d%b%Y--Hour--%H")
#Setting date and time for grep and filename
beta="$(date +'%d/%b/%Y:%H')"
sigma="$(date +'%d-%b-%Y-%H')"
#Current SSL Access logs
log='/var/log/apache2/ssl_access.log'
#Set saved log location
newlogs=/home/user/Scripts/logs
grep user@user.com $log | grep $beta | awk 'BEGIN { FS = " " } ; { print $1 }' | sort -u >> $newlogs/adminusage"$sigma".txt
#Preform whois
#whoip=`grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' $newlogs/adminusage"$sigma".txt | sort | uniq >> $testing`
#echo $whoip
#testing="/home/user/Scripts/testing.txt"
#IPlookup="/home/user/Scripts/iptest.txt"
#Preform Usage for the current hour
if
grep -v 1.1.1.1 $newlogs/adminusage"$sigma".txt
then
#whois $testing >> $IPlookup
mail -s "Admin Usage for $emaildate" email.com < $newlogs/adminusage"$sigma".txt
else
echo
fi
解决方案
只需使用一个循环并调用 whois
一次迭代
假设你 grep
返回一个新线列出的IP地址列表,您可以做这样的事情:
grep ... | sort | uniq | while IFS= read -r ip ; do
whois "$ip" >> whatever
done
其他提示
如果您有多个IP,只需循环绕过它们,并在每个IP上运行WHOIS:
for address is $whoip ; do
whois $address
done
不隶属于 StackOverflow