awk Examples

Get top 15 most instanced commands

Drop the “a” flag from the initial ps command to only see commands of the same user

ps -cax | cut -c 26- | awk '{count[$0] += 1}END{for(i in count)print count[i] " " i}' | sort -nr | head -15

Mail log

Find the number of failed logins per IP address in the maillog

sudo tail -100000 /var/log/maillog | awk -F"[ =,]" '$0~/auth failed/{count[$24] += 1}END{for(i in count)print i": " count[i]}'

Work in progress to do a mail report

sudo tail -100000 /var/log/exim_mainlog | awk -F' ' '$0~/<=|=>|Completed/{if($5!="Completed"){id[$4][0]=$6;id[$4][1]=$7;}else id[$4][2]="Success"}END{for(i in id){print i;print "    To: " id[i][0] " " id[i][1];if(id[i][2])print "    " id[i][2]}}' | tail -30

sudo tail -100000 /var/log/exim_mainlog | awk -F' ' '$0~/<=|=>|Completed/{if($5!="Completed"){id[$4][0]=$6;id[$4][1]=$7;}else id[$4][2]="Success"}END{for(i in id){print i;print "    To: " id[i][0] " " id[i][1];if(id[i][2])print "    " id[i][2]}}' | tail -30

List Users

ls -l /home/ | awk '$9~/^[a-zA-Z]/ {print $9}'

The Students File

Print only the OWL Score for each student

awk -F"[:,]" '{print $8}' students.log

Print in the format “first name last name: house” for each student

awk -F"[:,]" '{print $2 ": " $4}' students.log

Rearrange the data into the order:
House,OWL Score,Wand,Name

awk -F"," '{print $2 "," $4 "," $3 "," $1}' students.log

Only print the full lines of students who have a cherry wand

awk -F"," '{print $1 "," $2 "," $3 "," $4}' students.log

Print the names of students who have any type of Oak wand

awk -F"," '$3~/Oak/ {print $1 "," $2 "," $3 "," $4}' students.log

Print students who have any type of Oak wand who are also in Gryffindor

awk -F"," '$3~/Oak/&&$2~/Gryffindor/ {print $1 "," $2 "," $3 "," $4}' students.log

Inject a student number before Name. Example:
Student Number:1,Name:Harry Potter,House:Gryffindor,Wand:Oak,OWL Score:6 (edited)

awk '{print "Number:" NR "," $0}' students.log

Print all for students who have an OWL of greater than 5

awk -F'[:,]' '$8>=5{print $0}' students.log

Find the Averages of all OWL Scores

awk -F'[:,]' '{total += $8; count=NR}END{print "Average Owl:",total/count}' students.log

Print the number of people who have each wand type in the format “Cherry : 2”

awk -F'[:,]' '{count[$6] += 1}END{for(i in count)print i": " count[i]}' students.log