Search code examples
sedalignmentcapture-group

How to align properly the output of sed capture grous

I parse some files with logs, and I get specific values using capture groups in sed. It works, but the alignment is not proper when I have some big values

This is an example of a log:

== 2022-02-01 18:30:36.301 +0100 == Packet received at ingress stage, tag 0, type ORDERED Packet info: len 131 port 18 interface 18 vsys 1 wqe index 31527 packet 0x0xc0046e99c0, HA: 0, IC: 0 Packet decoded dump: L2: 00:50:56:b8:17:29->00:50:56:b8:6f:d7, type 0x0800 IP: 172.16.10.20->172.16.0.10, protocol 6 version 4, ihl 5, tos 0x00, len 117, id 27949, frag_off 0x4000, ttl 128, checksum 5931(0x2b17) TCP: sport 21, dport 62040, seq 3281740227, ack 4101579101, reserved 0, offset 5, window 256, checksum 21106, flags 0x18 ( ACK PSH), urgent data 0, l4 data len 77 TCP option:

And here is the output of my command:

sed -E 's/.*at ([a-z]+) stage.*tag ([0-9]+).*type ([A-Z]+) .*IP: ([0-9\.]+)->([0-9\.]+).*sport ([0-9]+).*dport ([0-9]+).*\( ([A-Z\ ]+)\).*data len ([0-9]+).*/\1 \t\2       \t\3   \t\4 -> \5  \t\t\6 \t-> \7    \t\8      \t\9/' one_liners2
slowpath        2900202469              ATOMIC          172.16.0.10 -> 172.16.10.20             62040   -> 21           SYN             0
fastpath        1068            ATOMIC          172.16.0.10 -> 172.16.10.20             62040   -> 21           SYN             0
ingress         0               ORDERED         172.16.10.20 -> 172.16.0.10             21      -> 62040        SYN ACK         0
fastpath        1068            ATOMIC          172.16.10.20 -> 172.16.0.10             21      -> 62040        SYN ACK         0
ingress         0               ORDERED         172.16.0.10 -> 172.16.10.20             62040   -> 21           ACK             0
fastpath        1068            ATOMIC          172.16.0.10 -> 172.16.10.20             62040   -> 21           ACK             0
ingress         0               ORDERED         172.16.10.20 -> 172.16.0.10             21      -> 62040        ACK PSH         77

As you can see above, the alignment for the first line is not good. I tried by using \t and spaces, but still the first row is displayed with bad alignment in comparison to the other lines. Is there any way for sed to align them in a neat way?

Desired output:

slowpath        2900202469      ATOMIC          172.16.0.10 -> 172.16.10.20             62040   -> 21           SYN             0
fastpath        1068            ATOMIC          172.16.0.10 -> 172.16.10.20             62040   -> 21           SYN             0
ingress         0               ORDERED         172.16.10.20 -> 172.16.0.10             21      -> 62040        SYN ACK         0
fastpath        1068            ATOMIC          172.16.10.20 -> 172.16.0.10             21      -> 62040        SYN ACK         0
ingress         0               ORDERED         172.16.0.10 -> 172.16.10.20             62040   -> 21           ACK             0
fastpath        1068            ATOMIC          172.16.0.10 -> 172.16.10.20             62040   -> 21           ACK             0
ingress         0               ORDERED         172.16.10.20 -> 172.16.0.10             21      -> 62040        ACK PSH         77

Is there maybe another way to do the above using awk?

Any help is hugely appreciated!

Solution

  • Suggesting awk script:

     awk '{split($0,strArr,"\\( |\\), ");printf "%-10s %-12s %-9s %+16s -> %-16s %+6s -> %-6s %-8s %s\n",$9,$12,$14,$43,$44,$65,$67,strArr[2],$(NF-2)}' FS="( |, |: |->)" input.1.txt

    Ouput from provided input:

     ingress    0            ORDERED       172.16.10.20 -> 172.16.0.10          21 -> 62040  ACK PSH  77