1

Ultimately, I am looking to insert some info into a database. So I'm trying to output a file from something (probably nmap) that is formatted like this:

    10.1.150.1,Up,1/3/2012,host.domain.lan
    10.1.150.2,Down,1,3/2012,host2.domain.lan

I do not HAVE to get the date from the nmap scan but it would be helpful. I can add it when I insert the data into the DB.

I'm pretty sure that nmap can do this along with some grep, awk, and sed foo, but those things aren't my strongest points.

EDIT: I'm open to suggestions about output formats.. XML? I need to run this daily (give or take) and import the results to MySQL

EDIT2: I've gotten this far;

nmap -sn -oG - 192.168.0.50-100 | grep Host | awk '{print $2","$5","$3}' 

Which gives me this:

    192.168.0.75,Up,()
    192.168.0.76,Up,(server01.domain.com)
    192.168.0.77,Up,(server02.domain.com)
    192.168.0.78,Up,(server03.domain.com)

Next: can I remove the parens? Add the date? Nmap always says what time it starts and finishes, but it doesn't include that on each line... so I can't grab it w/ the awk statement.

    2 Answers

    4

    Have a look in the Nmap book's chapter 13, "Output formats"; it has a section on "Grepable Output" and even one on "Output to a Database".

      1

      If you want another program (database, etc.) to use Nmap output, always use the XML output (-oX). Depending on your preferred programming languages, there will often be a parser library already written: Nmap::Parser for Perl, Nmap::Parser for Ruby, ndiff (comes with Nmap) for Python. If you really need to use command pipelines, there are a few XML utilities that could be made to work (XmlStarlet seems to be fairly popular).

      Depending on your needs, you could make use of an existing project that supports Nmap XML import. Metasploit, Dradis, and OpenVAS are a few very different tools that support importing from Nmap and storing in a database.

      Even if you insist on using the "Grepable" output (which is deprecated), I would highly recommend using a real scripting/programming language (Perl, Python, Ruby, etc.) to do the parsing, especially for things like putting the date on every line or stripping parentheses. Command pipelines involving Nmap usually end up as monstrosities like this:

      nmap -sn -oG - 192.168.0.50-100 | perl -lanE 'if(/initiated (.*?) as:/){$d=$1;$,=","}else{print@F[1,4],$d,$F[2]=~/\((.*)\)/ if/Status:/}' 
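
The XML route recommended in the answer above, as an added example that is not part of the original post: Python's standard library turns `-oX` output into the ip,state,date,hostname rows the question asks for and inserts them with bound parameters. The sample XML is constructed, the function names and the `hosts` table are hypothetical, the date is written in ISO form, and `sqlite3` stands in for MySQL (MySQL drivers typically use `%s` placeholders instead of `?`).

```python
import csv
import io
import sqlite3
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Constructed sample of `nmap -sn -oX -` output (not real scan data).
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sn -oX - 192.168.0.75-77" start="1325602800">
<host><status state="up" reason="arp-response"/>
<address addr="192.168.0.75" addrtype="ipv4"/>
<address addr="00:11:22:33:44:55" addrtype="mac"/>
<hostnames/></host>
<host><status state="up" reason="echo-reply"/>
<address addr="192.168.0.76" addrtype="ipv4"/>
<hostnames><hostname name="server01.domain.com" type="PTR"/></hostnames></host>
<host><status state="down" reason="no-response"/>
<address addr="192.168.0.77" addrtype="ipv4"/></host>
</nmaprun>"""

def parse_hosts(xml_text):
    """Return (ip, state, scan_date, hostname) tuples from Nmap XML."""
    root = ET.fromstring(xml_text)
    # The scan start time is an epoch-seconds attribute on the root element.
    started = datetime.fromtimestamp(int(root.get("start")), tz=timezone.utc)
    scan_date = started.date().isoformat()  # UTC date, e.g. 2012-01-03
    rows = []
    for host in root.iter("host"):
        # A host may also carry a MAC <address>; take the first IP address.
        addr = next((a for a in host.iter("address") if a.get("addrtype") != "mac"), None)
        if addr is None:
            continue
        state = host.find("status").get("state").capitalize()
        name = host.find("hostnames/hostname")
        hostname = name.get("name") if name is not None else ""
        rows.append((addr.get("addr"), state, scan_date, hostname))
    return rows

def to_csv(rows):
    buf = io.StringIO()
    csv.writer(buf, lineterminator="\n").writerows(rows)
    return buf.getvalue()

def store(rows, conn):
    # Bound parameters keep PTR names (remote-controlled data) out of the SQL text.
    conn.execute("CREATE TABLE IF NOT EXISTS hosts (ip, state, seen, name)")
    conn.executemany("INSERT INTO hosts VALUES (?, ?, ?, ?)", rows)

if __name__ == "__main__":
    print(to_csv(parse_hosts(SAMPLE_XML)), end="")
```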
