Last active
March 30, 2023 20:17
-
-
Save markwragg/a0d8c47f59f7b4858cf6aa06794b84de to your computer and use it in GitHub Desktop.
Powershell uses of Select-String to filter a log file and example Regular Expressions for identifying IP addresses and IP spaces
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #This regex matches anything that's like an IP address (even invalid ones) | |
| $regexIPAddress = '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b' | |
| #This regex matches anything like an IP address that starts 10, 172 or 192 | |
| $regexIPSpace = '(10|172|192).\d{1,3}\.\d{1,3}\.\d{1,3}\b' | |
| #Returns the first IP address in each line of the log file/s then sorts and removes duplicates. | |
| Select-String -Path *.log -Pattern $regexIPAddress | ForEach-Object { $_.Matches } | % { $_.Value } | Sort-Object -Unique | Out-File 'UniqueIPs.txt' | |
| #Returns from a selection of Log files any lines which match a certain string pattern | |
| Select-String -Path ex*.log -Pattern "accountname" | Select -expandproperty line | Out-File 'matches.log' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment