Extract information from Log file using powershell

This topic contains 4 replies, has 4 voices, and was last updated by  Daniel Krebs 1 year, 9 months ago.

  • Author
  • #54508

    Amar Helloween

    Hi all,

    i have to extract the total number of times a mail id occurred with the count . I want the top 5 list. example

    Domain count
    ——- ——-
    a@b.com 10
    a@bb.com 3
    a.4@c.com 2

    here is the log file :

  • #54511

    Daniel Krebs

    Very important in the future please do not post the content of internal log files without changing details like email addresses to something anonymous. You've just exposed hundreds of email addresses of your company to spam bots crawling the web.

    A combination of RegEx and the Group-Object cmdlet usually works great for me if I need to extract and count the value of properties. I've created a sample script for you which works on the log file you've provided.

  • #54512

    Rob Simmers

    Have you tried anything? If you simply want occurrences of the email address, you should look at a REGEX pattern for email addresses. If you want the date as well, you can find regex pattern for the date format and use grouping and match both with a single REGEX pattern.

  • #54530

    random commandline
    # list top 5 results
    $file = Get-ChildItem '\\path\to\logfile.log'
    $users = switch -regex -file $file {
    'User (.*) logged on' {$Matches[1]} 
    $users | Group-Object | Sort-Object -Descending -Property count|
    Select-Object Name,Count -First 5
  • #54531

    Daniel Krebs

    @random Cool. I was not aware of the -file parameter for the switch statement. Thanks very much for the example.

You must be logged in to reply to this topic.