grok + netstat :: semicomplete.com

grok + netstat

Posted Tue, 20 Feb 2007

What hosts is this machine connected to:

% netstat -anfinet | perl grok -m "%IP:S%.*?%IP:D%" -r "%IP:D|ip2host%" | sort | uniq
fury.csh.rit.edu
mc-in-f104.google.com
mc-in-f147.google.com
scorn.csh.rit.edu

I have no idea the mc-in-f104 stuff is, but firefox is open to 'www.google.com' right now. Let's find out what 'www.google.com' points at:

% host www.google.com | perl grok -m "%IP%" -r "%IP|ip2host%"
mc-in-f147.google.com
mc-in-f99.google.com
mc-in-f104.google.com

I keep finding more uses for grok now that you can use it on the commandline easily.

Comments: 0 | Link to this post | posted at: 01:13

Tags: grok

0 responses to 'grok + netstat'

Showing last 0 comments... (Click here to view all comments)

You need javascript enabled to use this form. Anti-spam efforts ongoing. Also, if the comment doesn't show up, it's because the form expired. Go back and copy your comment, reload the form, and resubmit. Apologies if this is a hassle, I'm just playing with antispam methods right now. If this insists on not working, please email me about it.

Search this site

Metadata

Articles

Projects

Presentations

grok + netstat

Posted Tue, 20 Feb 2007

0 responses to 'grok + netstat'

Showing last 0 comments... (Click here to view all comments)

Leave a reply