Here’s an example of counting logons (established connections) at the listener:
By minute:
fgrep "23-FEB-2017 10:" listener.log | fgrep "establish" | awk '{ print $1 " " $2 }' | awk -F: '{ print $1 ":" $2 }' | sort | uniq -c
      3 23-FEB-2017 10:00
      4 23-FEB-2017 10:01
      2 23-FEB-2017 10:02
      2 23-FEB-2017 10:03
      1 23-FEB-2017 10:04
By hour:
fgrep "23-FEB-2017 " listener.log | fgrep "establish" | awk '{ print $1 " " $2 }' | awk -F: '{ print $1 }' | sort | uniq -c
    143 23-FEB-2017 00
    132 23-FEB-2017 01
    136 23-FEB-2017 02
    158 23-FEB-2017 03
    149 23-FEB-2017 04
To filter by IP address, add this to the pipeline:
grep -E "10\.1\.10\.10|10\.1\.10\.11"
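The counting and the IP filter above can be combined in one awk pass that breaks the per-minute counts out by client address. This is an added example, not part of the original post; the function names and the sample log lines are constructed, and it assumes the standard " * "-separated listener.log layout with the client address in the (ADDRESS=...(HOST=...)) field. It matches addresses exactly, so 10.1.10.10 does not also count 10.1.10.100.

```sh
#!/bin/sh
# Constructed sample listener.log lines (not taken from a real system).
sample_log() {
cat <<'EOF'
23-FEB-2017 10:00:05 * (CONNECT_DATA=(SERVICE_NAME=ORCL)(CID=(PROGRAM=sqlplus)(HOST=app01)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.1.10.10)(PORT=40112)) * establish * ORCL * 0
23-FEB-2017 10:00:41 * (CONNECT_DATA=(SERVICE_NAME=ORCL)(CID=(PROGRAM=sqlplus)(HOST=app01)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.1.10.10)(PORT=40113)) * establish * ORCL * 0
23-FEB-2017 10:00:52 * (CONNECT_DATA=(SERVICE_NAME=ORCL)(CID=(PROGRAM=java)(HOST=app09)(USER=batch))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.1.10.100)(PORT=51200)) * establish * ORCL * 0
23-FEB-2017 10:01:03 * service_update * ORCL * 0
23-FEB-2017 10:01:17 * (CONNECT_DATA=(SERVICE_NAME=ORCL)(CID=(PROGRAM=java)(HOST=app02)(USER=web))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.1.10.11)(PORT=38001)) * establish * ORCL * 0
23-FEB-2017 11:02:00 * (CONNECT_DATA=(SERVICE_NAME=ORCL)(CID=(PROGRAM=sqlplus)(HOST=app01)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=10.1.10.10)(PORT=40200)) * establish * ORCL * 0
EOF
}

# count_logons PREFIX [IP ...]
# Reads a listener log on stdin and prints "count date hh:mm client-ip" for
# every "establish" entry whose timestamp starts with PREFIX. With no IPs
# given, all clients are counted.
count_logons() {
  prefix=$1; shift
  awk -F' [*] ' -v prefix="$prefix" -v ips="$*" '
    BEGIN { n = split(ips, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
    # Field 1 is the timestamp, field 3 the client address, field 4 the event.
    index($0, prefix) == 1 && $4 == "establish" {
      if (!match($3, /\(HOST=[^)]*\)/)) next
      ip = substr($3, RSTART + 6, RLENGTH - 7)   # text between "(HOST=" and ")"
      if (n > 0 && !(ip in want)) next           # exact match, no regex dots
      count[substr($1, 1, 17) " " ip]++          # "DD-MON-YYYY HH:MM" + ip
    }
    END { for (k in count) print count[k], k }
  ' | LC_ALL=C sort -k2
}

# Logons during the 10:00 hour from the two addresses used in the post.
sample_log | count_logons "23-FEB-2017 10:" 10.1.10.10 10.1.10.11
```

To run it against a real log, replace sample_log with the file: count_logons "23-FEB-2017 10:" 10.1.10.10 < listener.log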