man clfsplit (Commandes) - split Common-Log Format web logs based on IP address

NAME

clfsplit - split Common-Log Format web logs based on IP address

SYNOPSIS

clfsplit [--help] [-i input] -d defaultfile -f file -s spec [-f file -s spec]

DESCRIPTION

The clfsplit will split up large CLF format web logs based on IP address. This is for creating separate log analysis passes for internal and external users of web pages.

OVERVIEW

The defaultfile parameter specifies where data goes if it doesn't match any of the IP ranges. This could be /dev/null depending on your aims.

The -i input parameter gives the file to take input from (default standard input).

The -f file parameter must be given before the list of IP addresses.

The spec parameter is the IP addresses that go to the file in question. It is of the form start[-end][:start[-end]] where start and end specify the start and ends of ranges of IPs. Also the CIDR notation can be used or a single IP address. If there is a large number of IP ranges then a file name can be given which contains a set of IP ranges, one range per line.

EXIT STATUS

0 No errors

1 Bad parameters

2 Can't open input

3 Can't open/write to output file

4 Can't open and read from spec file

AUTHOR

This program, its manual page, and the Debian package were written by Russell Coker <russell@coker.com.au>.

SEE ALSO