Issue
I have a email log and I would like to print to file only senders emails address:
I have filtered the whole log using:
grep "to=<email@address>" input.log | grep "from=" > output.txt
Output is (edited for privacy):
Jun 26 09:21:21 X1-X5-mx postfix/cleanup[9164]: QueueID:XXX milter-reject: END-OF-MESSAGE from ipXX.ip-XX-XXX-XXX.eu[XXX.XXX.XXX.XX]: 5.7.1 Rejected by SPAM_FILTER (spam); from=<email@address> to=<email@address> proto=....
I would like to print to a separate file only the from=<email@address> part - ideally without the from=<> part. Senders email address is random.
Do you have any idea how to do this please?
Solution
You can fold both greps into a single sed or Awk script. See also useless use of grep.
sed -n '/to=<email@address>/s/.*from=<\([^<>]*\).*/\1/p' input.log > output.txt
In brief, sed -n says to not print by default, the address expression /to=<...>/ says to operate only on lines matching that regex, and the substitution command s/...\(...\).../\1/p says to replace the whole match with just the part within the parentheses, that is, extract just the from=<...> string, and print the resulting line.
If the sender address comes from a variable, you need double quotes instead of single.
addr='email@address'
sed -n "/to=<$addr>/s/.*from=<\([^<>]*\).*/\1/p" input.log > output.txt
Answered By - tripleee Answer Checked By - Marie Seifert (WPSolving Admin)