(awk) script piped to head not terminating after head finishes
by ychaouche from LinuxQuestions.org on (#6GJ31)
Dear LQ,
I'd like to print the top 10 output of my awk script,
so I do like so:
Code:$ banlog.awk -v GEO=1 /var/log/messages | head
Nov 21 01:46:58 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
Nov 21 01:46:59 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
Nov 21 01:47:01 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
Nov 21 01:47:05 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
Nov 21 01:48:32 PORT 993 104.28.253.229 DZ Alger Cloudflare, Inc.
Nov 21 01:48:33 PORT 993 104.28.253.229 DZ Alger Cloudflare, Inc.
Nov 21 01:48:35 PORT 993 104.28.253.229 DZ Alger Cloudflare, Inc.
Nov 21 01:48:39 PORT 993 104.28.253.229 DZ Alger Cloudflare, Inc.
Nov 21 01:49:25 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
Nov 21 01:49:26 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
^C
$as you can see at the end there's a ^C
that's because even after reaching 10th line,
my awk script continues to run.
Isn't it supposed to receive a signal that tells it to stop?
awk code below
Code:$ cat banlog.awk
#!/usr/bin/gawk -f
/DROP/ {
GEOINFO="";
match($0,/SRC=((\w+.){3}\w+)/,A);
IP=A[1];
# GEO is passed as a parameter
if (GEO){
GEOCOMMAND="net.ip.info " IP;
GEOCOMMAND | getline GEOINFO;
close(GEOCOMMAND);
}
match($0,/DPT=(\w+)/,A);
PORT=A[1];
# $1,$2,$3 = timestamp
# Nov 10 09:22:10
printf("%s %s %s PORT %s %-20s %s \n",$1,$2,$3,PORT,IP,GEOINFO);
}
$
I'd like to print the top 10 output of my awk script,
so I do like so:
Code:$ banlog.awk -v GEO=1 /var/log/messages | head
Nov 21 01:46:58 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
Nov 21 01:46:59 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
Nov 21 01:47:01 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
Nov 21 01:47:05 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
Nov 21 01:48:32 PORT 993 104.28.253.229 DZ Alger Cloudflare, Inc.
Nov 21 01:48:33 PORT 993 104.28.253.229 DZ Alger Cloudflare, Inc.
Nov 21 01:48:35 PORT 993 104.28.253.229 DZ Alger Cloudflare, Inc.
Nov 21 01:48:39 PORT 993 104.28.253.229 DZ Alger Cloudflare, Inc.
Nov 21 01:49:25 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
Nov 21 01:49:26 PORT 993 104.28.221.227 DZ Alger Cloudflare, Inc.
^C
$as you can see at the end there's a ^C
that's because even after reaching 10th line,
my awk script continues to run.
Isn't it supposed to receive a signal that tells it to stop?
awk code below
Code:$ cat banlog.awk
#!/usr/bin/gawk -f
/DROP/ {
GEOINFO="";
match($0,/SRC=((\w+.){3}\w+)/,A);
IP=A[1];
# GEO is passed as a parameter
if (GEO){
GEOCOMMAND="net.ip.info " IP;
GEOCOMMAND | getline GEOINFO;
close(GEOCOMMAND);
}
match($0,/DPT=(\w+)/,A);
PORT=A[1];
# $1,$2,$3 = timestamp
# Nov 10 09:22:10
printf("%s %s %s PORT %s %-20s %s \n",$1,$2,$3,PORT,IP,GEOINFO);
}
$