goober43543
Technical User
I have a script that reads the contents of several months of Firewall logs in a folder, using the following commands;
-------------------------
$input_path = ‘g:\logs\’
$output_file = ‘g:\logs\extracted_ip_addresses.txt’
$regex = ‘\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b’
select-string -Path $input_path -Pattern $regex -AllMatches | % { $_.Matches } | % { $_.Value } > $output_file
-------------------------
It outputs all IPs, on thier own, in the logs to the 'extracted_ip_addresses.txt' file, as follows
x.x.x.x
x.x.x.x
x.x.x.x
x.x.x.x
and so on. Which is great, but however, it populates 100k of IPs from my internal range of 192.168.x.x and 172.32.x.x
I would like to modify it to collect as normal, but exclude these ranges.
A final really great option, but not as critical, could it be also modified to avoid repetition, and only show the first instance of a particular IP?
Many thanks in advance.
-------------------------
$input_path = ‘g:\logs\’
$output_file = ‘g:\logs\extracted_ip_addresses.txt’
$regex = ‘\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b’
select-string -Path $input_path -Pattern $regex -AllMatches | % { $_.Matches } | % { $_.Value } > $output_file
-------------------------
It outputs all IPs, on thier own, in the logs to the 'extracted_ip_addresses.txt' file, as follows
x.x.x.x
x.x.x.x
x.x.x.x
x.x.x.x
and so on. Which is great, but however, it populates 100k of IPs from my internal range of 192.168.x.x and 172.32.x.x
I would like to modify it to collect as normal, but exclude these ranges.
A final really great option, but not as critical, could it be also modified to avoid repetition, and only show the first instance of a particular IP?
Many thanks in advance.
