Capturing certain value from iperf result using grep

I use the iperf3 version and then I get the performance result like this in the terminal:
[ 4] local 10.0.1.8 port 34355 connected to 10.0.1.1 port 5201
49,49,0,0,35500
[ ID] Interval Transfer Bandwidth Retr Cwnd
[ 4] 0.00-1.00 sec 2.19 MBytes 18.4 Mbits/sec 0 69.3 KBytes
CPU Utilization: local/sender 2.8% (0.7%u/3.3%s), remote/receiver 1.4% (0.6%u/0.9%s)
I want to use only certain values which I will use in the bash script later. What I want is like this :
35500,18.4,2.8
As far as I know I can use grep to print bandwidth only :
./src/iperf3 -c 10.0.1.1 -d -t 1 -V | grep -Po '[0-9.]*(?= Mbits/sec)'
but is it possible to obtain "35500,18.4,2.8" using grep and how to do it?
Thank you for the answers

grep with the -P (Perl-regex) option allows you to include multiple regexes:
$ grep -Po '(?<=,)[0-9]+$|[0-9.]*(?= Mbits/sec)|(?<=local\/sender )[^%]*' file | paste -d, - - -
35500,18.4,2.8
So your command would be,
$ ./src/iperf3 -c 10.0.1.1 -d -t 1 -V | grep -Po '(?<=,)[0-9]+$|[0-9.]*(?= Mbits/sec)|(?<=local\/sender )[^%]*' | paste -d, - - -

Related

Getting Mount Points using awk & grep

I am trying to get mount points and their respective paths on linux. So when I run the mount -v command I get this example output
//cifst/FSR on /mnt/share/cifst/FSR type cifs ...
//sydatsttbsq01/TheBooks statements to be parsed on /mnt/share/TheBooks type cifs ...
I am trying to parse this text to display this output
/mnt/share/cifst/FSR;//cifst/FSR
/mnt/share/TheBooks;//sydatsttbsq01/TheBooks
But the /mnt on the first row is in column 3, while on the second row is in column 5 so how do I do this to get the /mnt part
mount -v | grep mnt | awk '{ print $1 }' gets me the path, but how do I get the mount points?
Lots of assumptions, but this works for your sample input/output:
$ cat << EOF | awk '{print $(NF-2), $1}' OFS=\;
> //cifst/FSR on /mnt/share/cifst/FSR type cifs
> //sydatsttbsq01/TheBooks statements to be parsed on /mnt/share/TheBooks type cifs
> EOF
/mnt/share/cifst/FSR;//cifst/FSR
/mnt/share/TheBooks;//sydatsttbsq01/TheBooks
The trick is to notice that it's not column 3 and 5 you're interested in, but in each case it is column NF - 2.
In this particular case, the grep is redundant because it matches each line of input, and in general grep is (almost) always redundant with awk. If you need to add the filter, do it with awk and use:
awk '/mnt/{print $(NF-2), $1}' OFS=\;
If the fields you are interested in are #1 and the next after the first field equal to "on", and they do not contain spaces, you could try this:
mount -v | awk '{a="";for(i=2;i<=NF;i++){if(a=="on")break;a=$i};print $i";"$1}'
If we add one more hypothesis that there is only one field equal to "on", another possibility is to use gensub:
mount -v | awk '{print gensub(/^(\S+).*\<on\>\s+(\S+).*/,"\\2;\\1",1)}'
Which brings us to a sed equivalent:
mount -v | sed -r 's/^(\S+).*\<on\>\s+(\S+).*/\2;\1/'
For this particular output something like this will work; bear in mind that it will break if any of the paths with spaces that you use have the word "on" in them.
mount -v | awk 'BEGIN{FS="( on | type )"; OFS=";"} $3 ~ /cifs/ {print $2,$1}'
/mnt/share/cifst/FSR;//cifst/FSR
/mnt/share/TheBooks;//sydatsttbsq01/TheBooks statements to be parsed
P.S.: You'd be much better off if you didn't use spaces in paths, replace them with ., or _, or camelcase them ...

What are the 1000 ports that nmap scans by default?

The Nmap website states:
By default, Nmap scans the most common 1,000 ports for each protocol.
What are these 1000 ports? I need the exact port numbers.
The port numbers are determined by the port frequency values in the nmap-services file. You can get Nmap to print a list of ports and port ranges scanned for a given invocation by using the "Grepable" output with the verbose flag:
nmap -v -oG - | grep "Ports scanned"
sort -r -k3 /usr/share/nmap/nmap-services | less
grep /tcp /usr/share/nmap/nmap-services | sort -r -k3 | less
grep /udp /usr/share/nmap/nmap-services | sort -r -k3 | less
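The frequency ranking described in this thread, as an added example that is not part of the original posts: it picks the N highest-frequency ports for one protocol from nmap-services style rows (name, port/protocol, open frequency) and prints them in ascending port order. The function names and the sample rows are constructed for illustration; pass /usr/share/nmap/nmap-services instead of "-" to rank the real file.

```shell
#!/bin/sh
# Added example: rank ports by the open-frequency column of an
# nmap-services style file. The sample rows below are constructed.

sample_services() {
cat <<'EOF'
# name port/proto open-frequency (constructed sample values)
http 80/tcp 0.48
https 443/tcp 0.21
telnet 23/tcp 0.22
ssh 22/tcp 0.18
ftp 21/tcp 0.20
domain 53/tcp 0.05
domain 53/udp 0.21
snmp 161/udp 0.43
ntp 123/udp 0.33
unknown 49152/tcp 0.0001
EOF
}

# top_ports FILE PROTO N
# FILE may be "-" to read standard input.
top_ports() {
  awk -v proto="$2" '
    /^#/ || NF < 3 { next }             # skip comments and short rows
    { split($2, pp, "/") }              # "80/tcp" -> pp[1]=80, pp[2]=tcp
    pp[2] == proto { print $3, pp[1] }  # frequency first, for sorting
  ' "$1" |
  LC_ALL=C sort -k1,1nr -k2,2n |        # numeric sort: highest frequency first
  head -n "$3" |
  awk '{ print $2 }' |
  LC_ALL=C sort -n |                    # report in ascending port order
  paste -sd, -
}

# Stand-alone run over the constructed sample.
sample_services | top_ports - tcp 3
```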

How to output tcpdump with grep expression to stdout / file?

I am trying to output the following tcpdump grep expression to a file :
tcpdump -vvvs 1024 -l -A tcp port 80 | grep -E 'X-Forwarded-For:' --line-buffered | awk '{print $2}'
I understand it is related to the line-buffered option, that sends the output to stdin. However, if I don't use --line-buffered I don't get any output at all from my tcpdump.
How can I use grep so that it will send my output directly to stdout / file in this case ?
I am trying to output the following tcpdump grep expression to a file
Then redirect the output of the last command in the pipeline to the file:
tcpdump -vvvs 1024 -l -A tcp port 80 | grep -E 'X-Forwarded-For:' --line-buffered | awk '{print $2}' >file
I understand it is related to the line-buffered option, that sends the output to stdin.
No, that's not what --line-buffered does:
$ man grep
...
--line-buffered
Force output to be line buffered. By default, output is line
buffered when standard output is a terminal and block buffered
otherwise.
so it doesn't change where the output goes, it just changes when the data is actually written to the output descriptor if it's not a terminal. It's not a terminal in this case - it's a pipe - so, by default, it's block buffered, so if grep writes 4 lines of output, and that's less than a full buffer block (buffer blocks, in this context, are typically 4K bytes in most modern UN*Xes and on Windows, so it's likely that those 4 lines won't fill the buffer), those lines will not immediately be written by grep to the pipe, so they won't show up immediately.
--line-buffered changes that behavior, so that each line is written to the pipe as it's generated, and awk sees it sooner.
You're using -l with tcpdump, which has the same effect, at least on UN*X:
$ man tcpdump
...
-l Make stdout line buffered. Useful if you want to see the data
while capturing it. E.g.,
tcpdump -l | tee dat
or
tcpdump -l > dat & tail -f dat
Note that on Windows, ``line buffered'' means ``unbuffered'', so
that WinDump will write each character individually if -l is
specified.
-U is similar to -l in its behavior, but it will cause output to
be ``packet-buffered'', so that the output is written to stdout
at the end of each packet rather than at the end of each line;
this is buffered on all platforms, including Windows.
So the pipeline, as you've written it, will cause grep to see each line that tcpdump prints as soon as tcpdump prints it, and cause awk to see each of those lines that contains "X-Forwarded-For:" as soon as grep sees it and matches it.
However, if I don't use --line-buffered I don't get any output at all from my tcpdump.
You'll see it eventually, as long as grep produces a buffer's worth of output; however, that could take a very long time. --line-buffered causes grep to write out each line as it's produced, so it shows up as soon as grep produces it, rather than when the buffer is full.
How can I use grep so that it will send my output directly to stdout / file in this case ?
grep is sending its (standard) output to awk, which is presumably what you want; you're extracting the second field from grep's output and printing only that.
So you don't want grep to send its (standard) output directly to the terminal or to a file, you want it to send its output to awk and have awk send its (standard) output there. If you want the output to be printed on your terminal, your command is doing the right thing; if you want it sent to a file, redirect the standard output of awk to that file.
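The buffering behaviour explained in this answer, as an added example that is not part of the original thread: it measures how long the stage after grep waits for its first line, with and without --line-buffered. The producer function stands in for tcpdump -l and its header line is constructed; the function names are illustrative.

```shell
#!/bin/bash
# Added example: time the arrival of the first matching line at the stage
# after grep. The producer prints one constructed line immediately and then
# keeps the pipe open while idle, like a quiet capture.

QUIET_SECS=2

producer() {
  printf 'X-Forwarded-For: 203.0.113.7\n'   # constructed sample line
  sleep "$QUIET_SECS"                        # no more output, pipe stays open
}

# first_line_delay [grep-option]
# Prints the whole seconds that pass before the reader gets its first line.
first_line_delay() {
  local start arrival
  start=$(date +%s)
  arrival=$(
    producer |
    grep $1 'X-Forwarded-For:' |
    { IFS= read -r first; date +%s; cat >/dev/null; }
  )
  echo $(( arrival - start ))
}

# report: print both measurements side by side.
report() {
  echo "default (block buffered on a pipe): $(first_line_delay)s"
  echo "with --line-buffered:               $(first_line_delay --line-buffered)s"
}
```

Run report to print both delays; without the option the line only arrives when grep exits and flushes its buffer.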

Convert check_load in Nagios to Zabbix

Hi, I have just built my Zabbix server and am in the process of configuring some checks currently set up in Nagios.
One of these checks is check_load. Can anyone explain what this check means in Nagios and how I can replicate it in Zabbix?
In Nagios check_load monitors server load. Server load is a good indication of what your overall utilisation looks like : http://en.wikipedia.org/wiki/Load_(computing)
You can view server load easily on most *nix servers using the top command. The 3 numbers at the top right show your 1, 5 and 15 minute load averages. As a brief guide the load should be less than your number of processors. So for instance if you have a 4 cpu server then I would expect your load average to sit below 4.00.
I recently did a quick load monitor in nagios script format for http://www.dataloop.io
It was done quickly and needs a fair bit of work to work across other systems. But it gives a feel for how to scrape the output of top:
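#!/bin/bash
# Take one batch-mode snapshot of top and keep only its header line.
header=$(top -b -n1 | sed -n '1p')
# Field positions depend on the header layout (uptime, user count); adjust per system.
# The sed strips the trailing comma that follows the 1 and 5 minute values.
onemin=$(echo "$header" | cut -d ' ' -f 13 | sed 's/[,%]//g')
fivemin=$(echo "$header" | cut -d ' ' -f 14 | sed 's/[,%]//g')
fifteenmin=$(echo "$header" | cut -d ' ' -f 15 | sed 's/[,%]//g')
# Round the 15 minute load to an integer for the shell comparison.
int_fifteenmin=$(printf "%.0f" "$fifteenmin")
# Nagios plugin output: status text, then performance data after the pipe.
echo "OK | 1min=$onemin;;;; 5min=$fivemin;;;; 15min=$fifteenmin;;;;"
alert=10
# Exit code 2 is CRITICAL in Nagios, 0 is OK.
if [ "$int_fifteenmin" -gt "$alert" ]
then
    exit 2
fi
exit 0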
Hope this explains enough for you to create a Zabbix equivalent.
In zabbix, it is a zabbix agent built-in check. Search for system.cpu.load here.
As for what it measures, the already posted link to wikipedia article is a great read.

combine grep with the watch and netstat command

Red Hat Enterprise Linux Server release 5.4 (Tikanga)
2.6.18-164.el5
I am trying to use the watch command combined with the netstat to see the 2 programs using certain ports.
However, the command I am using below doesn't work for both words:
watch -n1 "netstat -upnlt | grep gateway\|MultiMedia"
Is this the correct way to grep for both program names?
If I use one it's OK, but both together doesn't work.
For the grep you need:
grep "gateway\|MultiMedia"
So perhaps try:
watch -n1 'netstat -upnlt | grep "gateway\|MultiMedia"'
There's also the new way of doing things... grep -E is nice and portable (Or egrep, which is simply quick for grep -E on linux&bsd) so you don't have to escape the quote. From the man pages:
-E Interpret pattern as an extended regular expression (i.e. force
grep to behave as egrep).
So...
watch "netstat -upnlt | grep -E 'gateway|MultiMedia'"
or
watch "netstat -upnlt | egrep 'gateway|MultiMedia'"
I had a similar problem monitoring an ssh connection.
> netstat -tulpan|grep ssh
tcp 0 0 192.168.2.52:58072 192.168.2.1:22 ESTABLISHED 31447/ssh
However watch -n 1 'netstat -tulpan|grep ssh' shows no output (apart from message from watch).
If I change it to watch -n 1 'netstat -tulpan|grep ":22"' I get the required output line. It seems as if the -p option is ignored when netstat is run through watch. Strange.
