phildom's repos

Commit Diff

Commit:: 6bd8f90b8ec41e18a5f29bf3cb90fdb7c7028215
From:: Dominik Lang <dominik@phildom.de>
Date:: Mon Apr 8 20:11:29 2024 UTC
Message:: Simply the output by using awk's builtin print and delimiter variables. While there, update some comments.
Actions:: Patch | Tree
commit - cb1c4e156140f7e459004a9d18977efb9b53de5f
commit + 6bd8f90b8ec41e18a5f29bf3cb90fdb7c7028215
blob - 7c43567503ee9c4dd0ade1c1e2a4938a6ec289c1
blob + 3017261e160af9e5cc1955d1eeac05628d13bf5e
--- from_accesslog.sh
+++ from_accesslog.sh
@@ -1,15 +1,14 @@
 #!/bin/sh
 
 awk '
-NR > 1 {
+BEGIN { OFS="\t" }
+$0 !~ /newsyslog.*logfile turned over/ {
 	match($0, "[[].*]")
-	$5 = substr($0, RSTART + 1, RLENGTH - 2)
+	date = substr($0, RSTART + 1, RLENGTH - 2)
 
 	match($0, "\".*\"")
-	$6 = substr($0, RSTART + 1, RLENGTH - 2)
+	req = substr($0, RSTART + 1, RLENGTH - 2)
 
-	l1 = NF-1
-	printf "%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n", $1, $2, $3, $4, $5, $6, $l1, NF
-	#print $1, $2, $3, $4, $5, $6, $l1, NF
+	print $1, $2, $3, $4, date, req, $(NF-1), NF
 }
 '
blob - e39d14452ac5bfeb13ada588da366704fe2db0ba
blob + aa084ac4c0ce13c74314bf7530c472487cd9d19c
--- from_gnmap.sh
+++ from_gnmap.sh
@@ -2,7 +2,8 @@
 
 # In my opinion, gnmap isn't "grepable" but rather "transformable".
 # In my daily doing, I want something grepable with a little less information.
-# The goal is to print one entire port section together with its IP per line, e.g.
+# The goal is to print one entire port section together with its IP one per line,
+# e.g.
 #
 # 192.168.1.42  22  open  tcp  ssh  SSH-2.0-OpenSSH_9.5
 #
@@ -10,10 +11,15 @@
 # for the different "fields".
 # We only use the address field and the Ports field and ignore everything else.
 # 
-# The Ports field is delimited with "," and within a field delimited with "/"
+# The Ports field is delimited with "," and within a field and entry is
+# delimited with "/"
 # First split the "Ports:" field into it's port entry components.
 # Then split each of these components into it's subcomponents.
 
+# Note: The typos in the comments within the script are intentionally missing
+# the apostrophes, as these would be interpreted as the closing single quotes
+# to the argument of awk.
+
 awk '
 /Ports: / {
 	# Copy out the relevant parts of the line
@@ -27,7 +33,7 @@ awk '
 
 	sub("[ \t]*Ignored State:.*$", "", portstr)
 
-	# Split the into single port fields
+	# Split the ports string into single port fields
 	nports = split(portstr, portlist, ",") 
 
 	# Loop through each port field
@@ -36,8 +42,8 @@ awk '
 		sub("^[ \t]+|[ \t]+$", "", portlist[i])
 		np = split(portlist[i], p, "/")
 
-		# Dont use the last field of the split, as it isnt a field anymore
-		# just the end delimiter
+		# Dont use the last field of the split, as its just a delimiter
+		# and not a real field anymore
 		printf "%s", $2
 		for (j = 1; j < np; j++) {
 			# Set empty fields to "-"
blob - ae5af9015a50b25de84660c9a0069c0ae1ee8a44
blob + 6c80085008f94a09ab5c9a0bda7f3e2f1156e70d
--- from_nuclei.sh
+++ from_nuclei.sh
@@ -5,13 +5,14 @@
 # $ column -s "	" -t
 
 awk '
-BEGIN {OFS="\t"}
+BEGIN { OFS="\t" }
 {
 	# Remove the surrounding [] brackets of the first three fields
 	for (i = 1; i <= 3; i++)
 		$i = substr($i, 2, length($i) - 2)
 
-	printf "%s\t%s\t%s\t%s\t", $1, $2, $3, $4
+	ORS = "\t"
+	print $1, $2, $3, $4
 
 	# If there is additional information at the end,
 	# print it separated with one space.