I need to erase some lines that are are of the size standard... as make?
Example:
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8506 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.4>http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=8585 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=63908 RES=0x00 ACK URGP=0 <---Delete Very long
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8401 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8402 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=63908 RES=0x00 ACK URGP=0
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.2470 <---Delete Small
Mar 19 08:09:04 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=9176 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:04 abab kernel: smtp: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=65.123.82.253 DST=200.202.247.45 LEN=46 TOS=0x00 PREC=0x00 TTL=112 ID=42806 DF PROTO=TCP SPT=2673 DPT=25 WINDOW=17274 RES=0x00 ACK PSH URGP=0
Mar 19 08:09:04 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=9178 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:09 abab kernel: smtp: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=65.123.82.253 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=112 ID=43602 DF PROTO=TCP SPT=2673 DPT=25 WINDOW=17124 RES=0x00 ACK FIN URGP=0
I need this:
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8506 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8401 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8402 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=63908 RES=0x00 ACK URGP=0
Mar 19 08:09:04 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=9176 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:04 abab kernel: smtp: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=65.123.82.253 DST=200.202.247.45 LEN=46 TOS=0x00 PREC=0x00 TTL=112 ID=42806 DF PROTO=TCP SPT=2673 DPT=25 WINDOW=17274 RES=0x00 ACK PSH URGP=0
Mar 19 08:09:04 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=9178 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:09 abab kernel: smtp: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=65.123.82.253 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=112 ID=43602 DF PROTO=TCP SPT=2673 DPT=25 WINDOW=17124 RES=0x00 ACK FIN URGP=0
The problem is the lines with lesser or bigger sizes that the standard!
But the so great standard is changeable!
The log have 500000 lines
thanks!
Example:
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8506 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.4>http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=8585 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=63908 RES=0x00 ACK URGP=0 <---Delete Very long
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8401 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8402 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=63908 RES=0x00 ACK URGP=0
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.2470 <---Delete Small
Mar 19 08:09:04 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=9176 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:04 abab kernel: smtp: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=65.123.82.253 DST=200.202.247.45 LEN=46 TOS=0x00 PREC=0x00 TTL=112 ID=42806 DF PROTO=TCP SPT=2673 DPT=25 WINDOW=17274 RES=0x00 ACK PSH URGP=0
Mar 19 08:09:04 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=9178 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:09 abab kernel: smtp: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=65.123.82.253 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=112 ID=43602 DF PROTO=TCP SPT=2673 DPT=25 WINDOW=17124 RES=0x00 ACK FIN URGP=0
I need this:
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8506 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8401 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:00 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=8402 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=63908 RES=0x00 ACK URGP=0
Mar 19 08:09:04 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=9176 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:04 abab kernel: smtp: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=65.123.82.253 DST=200.202.247.45 LEN=46 TOS=0x00 PREC=0x00 TTL=112 ID=42806 DF PROTO=TCP SPT=2673 DPT=25 WINDOW=17274 RES=0x00 ACK PSH URGP=0
Mar 19 08:09:04 abab kernel: http: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=87.196.128.37 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=9178 DF PROTO=TCP SPT=1295 DPT=80 WINDOW=65320 RES=0x00 ACK URGP=0
Mar 19 08:09:09 abab kernel: smtp: IN=eth0 OUT= MAC=00:02:55:23:21:d9:00:0a:41:7f:4b:40:08:00 SRC=65.123.82.253 DST=200.202.247.45 LEN=40 TOS=0x00 PREC=0x00 TTL=112 ID=43602 DF PROTO=TCP SPT=2673 DPT=25 WINDOW=17124 RES=0x00 ACK FIN URGP=0
The problem is the lines with lesser or bigger sizes that the standard!
But the so great standard is changeable!
The log have 500000 lines
thanks!
