From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.43)
	id 1DqbY8-00032W-Cr
	for garchives@archives.gentoo.org; Thu, 07 Jul 2005 18:56:40 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j67Itd7Q014049;
	Thu, 7 Jul 2005 18:55:39 GMT
Received: from mail.thompsonmike.co.uk (thompsonmike.plus.com [212.159.25.17])
	by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j67In4YO014325
	for <gentoo-user@lists.gentoo.org>; Thu, 7 Jul 2005 18:49:04 GMT
Received: from pherkab.thompsonmike.co.uk (pherkab.thompsonmike.co.uk [192.168.1.14])
	by mail.thompsonmike.co.uk (Postfix) with ESMTP id 76504B34DB
	for <gentoo-user@lists.gentoo.org>; Thu,  7 Jul 2005 19:49:04 +0100 (BST)
From: Michael Thompson <mike@thompsonmike.co.uk>
Organization: My own little world
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Potential Supid question re Grep
Date: Thu, 7 Jul 2005 19:47:45 +0100
User-Agent: KMail/1.7.2
References: <200507071918.27760.mike@thompsonmike.co.uk> <Pine.BSO.4.58.0507071432210.20852@ida.bway.net>
In-Reply-To: <Pine.BSO.4.58.0507071432210.20852@ida.bway.net>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200507071947.46866.mike@thompsonmike.co.uk>
X-Virus-Scanned: by amavisd-new at thompsonmike.co.uk
X-Archives-Salt: a83c6fee-18f3-4d6d-a685-6e113ad9e507
X-Archives-Hash: 1ba82e2d1b950b73f34f02dcce013e79

On Thursday 07 July 2005 19:32, A. Khattri wrote:
> On Thu, 7 Jul 2005, Michael Thompson wrote:
> > I am trying to extract information in my logs for a abuse department and
> > am using the code:
> >
> > Code:
> >
> > zcat /var/log/messages.*?.gz | grep 212.56.68.108 >> /home/mike/abuse1
> >
> > The logs are standard: messages.??.gz
> >
> > However, when I examine the output, it starts on the 1st may, however the
> > logs contain details from the 25th Febuary. What am I doing wrong?
>
> Show us some sample log lines.

Apr 24 06:39:51 polaris INPUT BLOCKED: IN=eth1 OUT= 
MAC=00:09:5b:1f:16:42:06:05:5d:9f:a3:74:08:00 SRC=212.56.68.108 
DST=212.159.25.17 LEN=71 TOS=0x00 PREC=0xA0 TTL=58 ID=0 DF PROTO=UDP 
SPT=46245 DPT=161 LEN=51


-- 
Mike

To see the world in a grain of sand,
and to see heaven in a wild flower,
hold infinity in the palm of your hands,
and eternity in an hour.

GnuGPG KeyID:=FC0D8D9A
-- 
gentoo-user@gentoo.org mailing list