Community discussions

MikroTik App
 
User avatar
diamuxin
Member
Member
Topic Author
Posts: 319
Joined: Thu Sep 09, 2021 5:46 pm
Location: Alhambra's City

Extract IP from syslog message with a condition

Sat May 07, 2022 5:47 pm

Hello folks,

Can you help me extract an IP from this syslog message?
# Capture the second IP with the condition that it does not match these segments:
# 86.127.X.X or 79.116.X.X
{
:local ip1 "killing ike2 SA: ike2-peer 86.127.123.45[4500]-161.35.236.116[41372] spi:1f437655d5e822c2:314dde078ba2c8dd"
:local ip2 [:pick $ip1 ([:find $ip1 "]"]+2) 999]
:put [:pick $ip2 0 [:find $ip2 "["]] 
}

Result: 
161.35.236.116
I would only need to apply a condition so that it captures the IP as long as it does not match the segments: 86.127.X.X or 79.116.X.X?

Thanks in advance.
BR:
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Extract IP from syslog message with a condition

Sat May 07, 2022 6:03 pm

simply add
literally... does not match 86.127.X.X or 79.116.X.X
:if ( !( ($varname~"^86.127.") or ($varname~"^79.116.") ) ) do={ }
 
User avatar
diamuxin
Member
Member
Topic Author
Posts: 319
Joined: Thu Sep 09, 2021 5:46 pm
Location: Alhambra's City

Re: Extract IP from syslog message with a condition

Sat May 07, 2022 6:20 pm

simply add
literally... does not match 86.127.X.X or 79.116.X.X
:if ( !( ($varname~"^86.127.") or ($varname~"^79.116.") ) ) do={ }
Thank you so much.
BR.
 
User avatar
diamuxin
Member
Member
Topic Author
Posts: 319
Joined: Thu Sep 09, 2021 5:46 pm
Location: Alhambra's City

Re: Extract IP from syslog message with a condition

Sat May 07, 2022 6:36 pm

simply add
literally... does not match 86.127.X.X or 79.116.X.X
:if ( !( ($varname~"^86.127.") or ($varname~"^79.116.") ) ) do={ }
Excuse me, would it be like this?
:if ( !( ($varname~"^86.127.") or ($varname~"^79.116.") ) ) do={ 
:local ip1 "killing ike2 SA: ike2-peer 86.127.123.45[4500]-161.35.236.116[41372] spi:1f437655d5e822c2:314dde078ba2c8dd"
:local ip2 [:pick $ip1 ([:find $ip1 "]"]+2) 999]
:put [:pick $ip2 0 [:find $ip2 "["]] 
}
BR.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Extract IP from syslog message with a condition

Sat May 07, 2022 7:31 pm

Uhm.....
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Extract IP from syslog message with a condition  [SOLVED]

Sat May 07, 2022 7:37 pm

{
    :local logstring "killing ike2 SA: ike2-peer 86.127.123.45[4500]-161.35.236.116[41372] spi:1f437655d5e822c2:314dde078ba2c8dd"
    :local startpos ([:find $logstring "]-"] + 2)
    :local temp [:pick $logstring $startpos [:len $logstring]]
    :local endpos [:find $temp "["]
    :local ip [:pick $temp 0 $endpos]
    :if ( !( ($ip~"^86.127.") or ($ip~"^79.116.") ) ) do={
        :put "IP is $ip"
    } else={
        :put "IP $ip is inside 86.127.x.x or 79.116.x.x range"
    }
}
 
User avatar
diamuxin
Member
Member
Topic Author
Posts: 319
Joined: Thu Sep 09, 2021 5:46 pm
Location: Alhambra's City

Re: Extract IP from syslog message with a condition

Sat May 07, 2022 7:53 pm

I already understand it! Thanks.

BR.

Who is online

Users browsing this forum: marcelofares and 23 guests