Howdy, Stranger!

It looks like you're new here. Sign in or register to get started.

extract info from vpn log

I have this file:

Mar 16 09:44:41 XXXX.250   id=firewall sn=XXXXXXXX time="2021-03-16 08:45:28 UTC" fw=7XXXXXXXX pri=6 c=0 m=1080 msg="SSL VPN zone remote user login allowed" sess="sslvpnc" n=3157 usr="user1" src=1.40.117.244::X1 dst=7XXXXXXXX:0:X1 proto=tcp note="user1 fw_action="NA"

Mar 16 09:44:45 XXXX.250   id=firewall sn=XXXXXXXX time="2021-03-16 08:45:33 UTC" fw=7XXXXXXXX pri=6 c=0 m=1080 msg="SSL VPN zone remote user login allowed" sess="sslvpnc" n=3158 usr="user2" src=151.20.209.225::X1 dst=7XXXXXXXX:0:X1 proto=tcp note="user2" fw_action="NA"

Mar 16 09:44:47 XXXX.250   id=firewall sn=XXXXXXXX time="2021-03-16 08:45:35 UTC" fw=7XXXXXXXX pri=6 c=0 m=1080 msg="SSL VPN zone remote user login allowed" sess="sslvpnc" n=3159 usr="user3" src=176.207.224.17::X1 dst=7XXXXXXXX:0:X1 proto=tcp note="user3" fw_action="NA"

ar 16 09:45:25 XXX.250   id=firewall sn=XXXXXXXX time="2021-03-16 08:46:12 UTC" fw=78.6.22.244 pri=6 c=16 m=263 msg="User logged out - user2" sess="sslvpnc" dur=60 n=4927 usr="user2" src=10.9.0.61::X1 dst=7XXXXXXXX:0:X1 proto=tcp fw_action="NA"

I need extract info like this order by USER

login

logout

I test using csv import o command "sort" in linux but I have no idea and solution .

Please help me !

Category: High End Firewalls
Reply

Answers

Sign In or Register to comment.