Nmap output with IP and OUI vendor

Time: 2017-10-28 00:39:32

Tags: awk nmap

I want to convert this nmap output:

Nmap scan report for 192.168.1.38
Host is up (0.0092s latency).
MAC Address: B8:78:2E:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.39
Host is up (0.0092s latency).
MAC Address: 40:6C:8F:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.201
Host is up (0.019s latency).
MAC Address: 3C:DF:A9:XX:XX:XX (Arris Group)
Nmap scan report for 192.168.1.36
Host is up.
Nmap done: 256 IP addresses (4 hosts up) scanned in 1.77 seconds

into:

192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris Group)

Note that the last IP, 192.168.1.36 (the scanner's IP), is not included.

Using: sudo nmap -n -sn 192.168.1.0/24 | awk '/Nmap scan report/{printf $5;printf " ";getline;getline;print $4;}' > scan-output.txt

I get the scanner IP included, and only the first word of the vendor.

192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris
192.168.1.36 IP

Please help. Thanks in advance!

3 answers:

Answer 0 (score: 2)

$ awk '/^Nmap scan report for/ {ip = $5}  /^(MAC Address|Nmap done)/ {$1 = $2 = $3 = ""; print ip, $0}'

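For a more complete vendor name, I blank out the first three fields and print the rest. Consider using tr -d '()' to trim the parens. Consider using END to emit the final address: awk '... END {print ip, "IP"}'

Answer 1 (score: 1)

Please try the following; it may help you.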

awk '/Nmap scan report for / && ip && vendor{print ip,vendor;ip=vendor=""} /Nmap scan report for /{ip=$NF;next} /MAC Address/{sub(/.*\(/,"(");;vendor=$0;next} END{if(ip){print ip,"IP"}}'  Input_file

EDIT: Adding a non-one-liner form of the solution here too, with an explanation.

awk '
/Nmap scan report for / && ip && vendor{ ##Checking condition here if line has string Nmap scan report for &&(conditional operator) value of variable ip is..
                                         ##NOT NULL &&(conditional operator) value of variable named vendor is NOT NULL too, if all conditions met then do following.
  print ip,vendor                        ##Printing the values of variable ip and variable vendor here.
  ip=vendor=""                           ##Nullifying variables ip and vendor here.
}
/Nmap scan report for /{                 ##Checking condition if a line contains string Nmap scan report for, if yes, then do following.
  ip=$NF;                                ##creating variable named ip whose value is the $NF value where $NF represents the value of last field.
  next                                   ##Using next will skip all further statements.
}
/MAC Address/{                           ##Checking condition if a line contains string MAC Address then perform following.
  sub(/.*\(/,"(");                       ##Using sub utility of awk, which will substitute as per your provided regex, so I am substituting everything from starting to
                                         ##till ( with (, so that if a vendor name has spaces in it, it should pick those things too, like your sample Input has.
  vendor=$0;                             ##Now assigning the value of new edited line to variable vendor.
}
END{
  if(ip){                                ##In END block of awk code, checking here if variable ip value is NOT NULL then do following.
    print ip,"IP"                        ##Printing the value of variable ip and string IP here too.
}
}' Input_file                            ##Mentioning the Input_file name here.

Answer 2 (score: 1)

Using awk

One-liner:

awk '/^(Nmap scan|MAC Address)/{ORS=(f+=sub(/^.*(for|:..) /,""))%2?OFS:RS; print}END{printf "IP\n"}' infile

Better readability:

awk '/^(Nmap scan|MAC Address)/{
            ORS=(f+=sub(/^.*(for|:..) /,""))%2?OFS:RS;
            print
      }
      END{
           printf "IP\n"
      }
     ' infile

Test results:

$ cat infile
Nmap scan report for 192.168.1.38
Host is up (0.0092s latency).
MAC Address: B8:78:2E:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.39
Host is up (0.0092s latency).
MAC Address: 40:6C:8F:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.201
Host is up (0.019s latency).
MAC Address: 3C:DF:A9:XX:XX:XX (Arris Group)
Nmap scan report for 192.168.1.36
Host is up.
Nmap done: 256 IP addresses (4 hosts up) scanned in 1.77 seconds

$ awk '/^(Nmap scan|MAC Address)/{ORS=(f+=sub(/^.*(for|:..) /,""))%2?OFS:RS; print}END{printf "IP\n"}' infile
192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris Group)
192.168.1.36 IP

- Edit for comment -

$ awk 'f==2{print s; f=s=""}/^(Nmap scan|MAC Address)/{sub(/^.*(for|:..) /,"");f++;s=(s?s OFS :"")$0}END{if(f==2)print s}' infile
192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris Group)
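
An added example, not taken from the question or any of the answers above: a state-based awk parser that prints a host only when its block actually contains a MAC Address line, so the scanner's own IP is dropped and multi-word vendor names are kept. It goes slightly beyond the question by also accepting the "name (ip)" header nmap prints when -n is not used. The function names parse_nmap_vendors and sample_scan, and the printer.lan hostname in the sample, are constructed for this illustration.

```shell
#!/bin/sh
# Added example: print "IP (Vendor)" for every host in `nmap -sn` normal output
# that reported a MAC address; hosts without one (the scanner itself) are skipped.

# parse_nmap_vendors is a hypothetical helper name; it reads nmap output on stdin.
parse_nmap_vendors() {
    awk '
    /^Nmap scan report for / {
        # A new host block starts: any IP still pending had no MAC line, drop it.
        ip = $NF
        gsub(/[()]/, "", ip)        # without -n the line ends in "name (ip)"
        next
    }
    /^MAC Address: / && ip != "" {
        vendor = $0
        sub(/^[^(]*/, "", vendor)   # keep "(Vendor Name)", spaces included
        if (vendor == "") vendor = "(Unknown)"  # defensive: no parenthesised vendor
        print ip, vendor
        ip = ""                     # this host is done
    }
    '
}

# Constructed sample input, modelled on the scan shown in the question.
sample_scan() {
    cat <<'EOF'
Nmap scan report for 192.168.1.38
Host is up (0.0092s latency).
MAC Address: B8:78:2E:XX:XX:XX (Apple)
Nmap scan report for printer.lan (192.168.1.201)
Host is up (0.019s latency).
MAC Address: 3C:DF:A9:XX:XX:XX (Arris Group)
Nmap scan report for 192.168.1.36
Host is up.
Nmap done: 256 IP addresses (4 hosts up) scanned in 1.77 seconds
EOF
}

sample_scan | parse_nmap_vendors
```

Because the IP is only printed from inside the MAC Address rule, no END block is needed and the "Nmap done" summary line is never mistaken for host data.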