Split log file using a column with awk or sed

2
votes

I have a log file that looks like this:

www.domainone.com FIX 3.3 12.12.123.1
www.domainone.com FIX 3.4 12.12.123.1
www.domainone.com FIX 2.4 12.12.123.1
www.domaintwo.com MAX 1.4 44.15.153.5
www.domaintwo.com MAX 3.2 44.15.153.5
www.domaintwo.com MAX 3.9 44.15.153.5
www.domaintwo.com MAX 12.4 44.15.153.5
www.domainthree.com NAN 3.4 34.45.144.7
www.domainthree.com NAN 2.4 34.45.144.7
www.domainthree.com NAN 3.2 34.45.144.7
www.domainthree.com NAN 3.3 34.45.144.7
www.domainthree.com NAN 1.4 34.45.144.7

And I want to run a grep, awk, sed or other bash command/script that will split that log file by the last column, so the result is 3 log files that are named using the IP without the dot. So, one of them would be 34.45.144.7.log and have

www.domainthree.com NAN 3.4 34.45.144.7
www.domainthree.com NAN 2.4 34.45.144.7
www.domainthree.com NAN 3.2 34.45.144.7
www.domainthree.com NAN 3.3 34.45.144.7
www.domainthree.com NAN 1.4 34.45.144.7

I was able to sort them and remove some columns from original log with with awk but no idea how to split into files using one column.

3
bashloggingawksed

3 Answers

4
votes

If the IP is always the fourth column, you can just use

awk '{ filename=$4".log"; if (prev && (filename != prev)) close(prev); print >>filename; prev=filename }' ips.log

or according to @Ed Morton, even better yet

awk '{ print >>($4".log"); close($4".log") }' ips.log

This prints the whole line into a file composed of the fourth column (IP) + ".log"

This is with Ubuntu 12.04 and GNU awk 3.1.8.

1
votes

so the result is 3 log files that are named using the IP without the dot.

awk '{f=$4; gsub(/\./,"",f);print > f".log"}' ips.log
1
votes

At @OlafDietsche's request:

awk '{ filename=$4".log"; if (filename != prev) close(prev); print >filename; prev=filename }' ips.log

Didn't expect the comments to drag out that long or I'd have done that off the bat!