Excel formula that deciphers text and outputs properly - excel

Is there a way to have excel read text and decipher whether it does or doesn’t have certain character/letters?
Here is my example sheet
I am looking for something that deciphers using these guidelines.
1. If entry has a / then output URL.
2. If entry is not a URL and has only numbers and special characters then output IP.
3. If entry is not a URL or IP and has more than 1 dots/periods/decimals then output HOST.
4. If entry is not a URL, IP, or HOST (or only has 1 dot/period/decimal) then output FQDN.
Here is an example of what I'm looking for
I have tried using these below:
=IF(LEN(A1)-LEN(SUBSTITUTE(A1,"/",""))=1,"URL",IF(LEN(A1)-LEN(SUBSTITUTE(A1,".",""))=1,"FQDN",IF(LEN(A1)-LEN(SUBSTITUTE(A1,".",""))>1,"HOST")))
That works for reading URL, HOST, and FQDN; however, it reads IP's as HOST's.
I have also used
=IF(OR(ISNUMBER(SEARCH({"A","B","C","D","E","F","G","H","I","J","K","L","M","N","O","P","Q","R","S","T","U","V","W","X","Y","Z"},A1))),"","IP")
That works for reading if an entry contains letters and if not it outputs IP.
Is there a way to combine these or simplify what I am trying to do?
Thanks!

This produces the desired output for your sample (at least)
=IF(COUNTIF(A1,"*/*"),"URL",IF(ISNUMBER(VALUE(SUBSTITUTE(A1,".",""))),"IP",IF(LEN(A1)-LEN(SUBSTITUTE(A1,".",""))>1,"HOST","FQDN")))

A possible solution (tested with O365) :
=IFS(ISNUMBER(VALUE(LEFT(A1:A5)))=TRUE,"IP",LEN(A1:A5)-LEN(SUBSTITUTE(A1:A5,".",""))>1,"HOST",LEN(A1:A5)-LEN(SUBSTITUTE(A1:A5,"/",""))=1,"URL",LEN(A1:A5)-LEN(SUBSTITUTE(A1:A5,".",""))=1,"FQDN")
Classical way (in B1) :
=IF(ISERROR(SEARCH("/",A1))=FALSE,"URL",IF(ISERROR(VALUE(LEFT(A1)))=FALSE,"IP",IF(LEN(A1)-LEN(SUBSTITUTE(A1,".",""))>1,"HOST",IF(ISBLANK(A1)=TRUE,"","FQDN"))))
Output :
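The four rules from the question written outside Excel, as an added example that is not part of either answer above. The function names and the sample column are constructed for illustration; `triage` goes one step beyond the rules by comparing the "IP" label with a real address parser, which shows where "no letters" and "is an IP address" disagree.

```python
import ipaddress

def classify(entry):
    """Apply the question's four rules in order; the first match wins."""
    entry = entry.strip()
    if not entry:
        return ""                      # blank cell, as in the ISBLANK branch
    if "/" in entry:
        return "URL"                   # rule 1: any slash
    if not any(ch.isalpha() for ch in entry):
        return "IP"                    # rule 2: digits and punctuation only
    if entry.count(".") > 1:
        return "HOST"                  # rule 3: more than one dot
    return "FQDN"                      # rule 4: everything else

def parses_as_ip(entry):
    """True when the entry is a well-formed IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(entry.strip())
        return True
    except ValueError:
        return False

def triage(entries):
    """Return (entry, label, note) rows; note flags rule/parser disagreement."""
    rows = []
    for entry in entries:
        label = classify(entry)
        note = ""
        if label == "IP" and not parses_as_ip(entry):
            note = "labelled IP but not a valid address"
        elif label not in ("IP", "") and parses_as_ip(entry):
            note = "valid address missed by rule 2"
        rows.append((entry, label, note))
    return rows

# Constructed sample column (documentation addresses and example domains).
SAMPLE = ["example.com/login", "192.0.2.10", "300.1.1.1", "mail.corp.example.com",
          "example.com", "2001:db8::1", "192.0.2.0/24"]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print("%-24s %-5s %s" % row)
```

Rule order matters: the slash test runs first, so a CIDR such as `192.0.2.0/24` is labelled URL, and an IPv6 address falls through to FQDN because it contains hex letters.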

Related

How to visualize a count of all values in an array field in Kibana

I am having trouble creating a particular type of visualization in Kibana. My events in Kibana are statistics on communications between two IP addresses. Two of the fields are lists of ports used by the particular IP address. An example of the fields would be:
ip1 = 192.168.101.2
ip2 = 192.168.101.3
ip2Ports = 80,443
ip1Ports = 80,57000,0
I would like to have a top count of all the values such as
port count
80 2
57000 1
443 1
I have been able to parse ip2Ports to be ip2Ports_List.column1, ip2Ports_List.column2, etc., but I can only choose one term with term aggregation in the visualization. I can split the chart, but that leads to separate counts for each field. If I go by the original ip2Ports field, it is just aggregated as the string, such as "80,443".
Is it even possible to create a top count visualization of fields with multiple values? If so, how would I do so? If not, is there a way to restructure my data so I can do it? Thank you!
My issue stemmed from the format of the values being sent in by Logstash. I had thought that the 'ip2Ports_List.column1' format, which was a result from using the csv filter, was part of an array. It wasn't. After analyzing it, 'ip2Ports_List.column1' didn't seem to be much different from a new field.
Elastic needed an array to give me the visualization I wanted. I wasn't sure what the best way to produce it was, so I just ended up using the ruby filter. This is what the code ended up looking like:
ruby {
  code => "fields = event.get('portsIp').split(',')
           event.set('portsIpArray', fields)"
}
Where 'portsIp' looked something like "80,443". Splitting it turned 'portsIp' into a Ruby array. I just set that array as the value for a new event field, 'portsIpArray'.
From there, when I tried to visualize the 'portsIpArray' field, it looked exactly how I wanted it to, treating each port as a separate value, and still associating each port with the same event/field.
Extra:
Also something I discovered is if you're writing your code like I was, directly in the Logstash conf file, Logstash doesn't like it if you use double quotes within the double quoted code. In hindsight it makes sense, but it doesn't give a clear error so it's difficult to figure out.

Incrementing Through URLs and Downloading

I would just like a simple browser automation that increments one number in a URL and downloads the information from that place. For example, if the address looks like this:
www.test.com/something/part1_0.jpg
How could I increment the '1' and download the file from each successive web page?
Thanks
P.S. I'm using OS X 10.9
Here's a ruby solution using open-uri:
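require 'open-uri'

(1..100).each do |num|
  File.open("part#{num}_0.jpg", 'wb') do |f|
    # URI.open needs an explicit scheme; Kernel#open on a bare "www.test.com/..." string is treated as a local path
    f.write URI.open("http://www.test.com/something/part#{num}_0.jpg").read
  end
end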
This snippet A) creates a range of numbers; B) iterates over the range of numbers; C) opens an image file in binary mode and interpolates the current number into the file name; and D) reads the image from the URL and writes it.
But the easiest way would probably be to use curl from your command line:
curl -O www.test.com/something/part[1-100]_0.jpg
Depending on the number of webpages that you need to access, modify the numbers in brackets accordingly.

Using indexed types for ElasticSearch in Titan

I currently have a VM running Titan over a local Cassandra backend and would like the ability to use ElasticSearch to index strings using CONTAINS matches and regular expressions. Here's what I have so far:
After titan.sh is run, a Groovy script is used to load in the data from separate vertex and edge files. The first stage of this script loads the graph from Titan and sets up the ES properties:
config.setProperty("storage.backend","cassandra")
config.setProperty("storage.hostname","127.0.0.1")
config.setProperty("storage.index.elastic.backend","elasticsearch")
config.setProperty("storage.index.elastic.directory","db/es")
config.setProperty("storage.index.elastic.client-only","false")
config.setProperty("storage.index.elastic.local-mode","true")
The second part of the script sets up the indexed types:
g.makeKey("property").dataType(String.class).indexed("elastic",Edge.class).make();
The third part loads in the data from the CSV files, this has been tested and works fine.
My problem is, I don't seem to be able to use the ElasticSearch functions when I do a Gremlin query. For example:
g.E.has("property",CONTAINS,"test")
returns 0 results, even though I know this field contains the string "test" for that property at least once. Weirder still, when I change CONTAINS to something that isn't recognised by ElasticSearch I get a "no such property" error. I can also perform exact string matches and any numerical comparisons including greater or less than, however I expect the default indexing method is being used over ElasticSearch in these instances.
Due to the lack of errors when I try to run a more advanced ES query, I am at a loss on what is causing the problem here. Is there anything I may have missed?
Thanks,
Adam
I'm not quite sure what's going wrong in your code. From your description everything looks fine. Can you try the following script (just paste it into your Gremlin REPL):
config = new BaseConfiguration()
config.setProperty("storage.backend","inmemory")
config.setProperty("storage.index.elastic.backend","elasticsearch")
config.setProperty("storage.index.elastic.directory","/tmp/es-so")
config.setProperty("storage.index.elastic.client-only","false")
config.setProperty("storage.index.elastic.local-mode","true")
g = TitanFactory.open(config)
g.makeKey("name").dataType(String.class).make()
g.makeKey("property").dataType(String.class).indexed("elastic",Edge.class).make()
g.makeLabel("knows").make()
g.commit()
alice = g.addVertex(["name":"alice"])
bob = g.addVertex(["name":"bob"])
alice.addEdge("knows", bob, ["property":"foo test bar"])
g.commit()
// test queries
g.E.has("property",CONTAINS,"test")
g.query().has("property",CONTAINS,"test").edges()
The last 2 lines should return something like e[1t-4-1w][4-knows-8]. If that works and you still can't figure out what's wrong in your code, it would be good if you can share your full code (e.g. in Github or in a Gist).
Cheers,
Daniel

TXT to CSV file with IP Range to CIDR conversion

Hi everyone, first of all thank you for visiting my question.
I am working with a new IDS, OSSIM. Its database requires a host's:
Name, CIDR, and Description in a .csv format for uploading through a web UI.
Version 4.x.x: "Netname";"CIDRs(CIDR1,CIDR2,...)";"Description";"Asset value"*;"Net ID"
Currently I have the full list of hosts in a .txt file like so,
Department1 129.252.136.128 129.252.136.255 contact1#email.com,contact2#email.com,contact3#email.com
Department2 129.252.154.64 129.252.154.127 contact1#email.com
If anyone has any idea how to get the IP range converted into CIDR notation then the file into a .csv format I would greatly appreciate it.
For CIDR1 and CIDR2 in their binary representation, compare CIDR1 and CIDR2 bit-by-bit and set a bit in the target netmask until the bits stop matching.
Example:
CIDR1 = 192.168.127.0 = 11000000101010000111111100000000
CIDR2 = 192.168.127.32 = 11000000101010000111111100100000
Netmask = 255.255.255.192 = 11111111111111111111111111000000
EDIT
In order to automate this, as per your comment, you ought to use a language that has easy access to IP functions, e.g. PHP has the ip2long function as well as CSV handling functions such as fgetcsv.
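One way to automate the conversion, shown in Python as an added example that is not part of the answer above. `common_prefix_net` is the bit-by-bit method the answer describes; `exact_cidrs` uses the standard library's `ipaddress.summarize_address_range`, which returns only the blocks inside the range. Assumptions: the input layout follows the question's sample lines, "Asset value" and "Net ID" are written empty, and the function names and sample data are constructed.

```python
import csv
import io
import ipaddress

def common_prefix_net(first, last):
    """Bit-by-bit method from the answer: the single network both ends share."""
    a = int(ipaddress.IPv4Address(first))
    b = int(ipaddress.IPv4Address(last))
    prefix = 32 - (a ^ b).bit_length()   # number of leading bits that match
    return ipaddress.ip_network(f"{first}/{prefix}", strict=False)

def exact_cidrs(first, last):
    """Smallest CIDR list covering first..last and nothing outside it."""
    lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    return list(ipaddress.summarize_address_range(lo, hi))  # ValueError if lo > hi

def to_ossim_csv(text):
    """Convert 'name first_ip last_ip contacts' lines to semicolon-separated rows."""
    out = io.StringIO()
    writer = csv.writer(out, delimiter=";", quoting=csv.QUOTE_ALL,
                        lineterminator="\n")
    for lineno, line in enumerate(text.splitlines(), 1):
        parts = line.split(None, 3)
        if not parts:
            continue                     # skip blank lines
        if len(parts) < 3:
            raise ValueError(f"line {lineno}: expected name, first IP, last IP")
        name, first, last = parts[:3]
        description = parts[3] if len(parts) == 4 else ""
        cidrs = ",".join(str(net) for net in exact_cidrs(first, last))
        # Asset value and Net ID are left empty here (assumption).
        writer.writerow([name, cidrs, description, "", ""])
    return out.getvalue()

# Constructed sample in the question's layout.
SAMPLE = """\
DeptA 192.0.2.128 192.0.2.255 soc@example.org
DeptB 192.168.127.0 192.168.127.32 a@example.org,b@example.org
"""

if __name__ == "__main__":
    print(to_ossim_csv(SAMPLE), end="")
    print(common_prefix_net("192.168.127.0", "192.168.127.32"))
```

For the answer's own pair (192.168.127.0 to 192.168.127.32) the common-prefix network is a /26 of 64 addresses, while the range itself holds 33, so an asset list built that way would claim addresses the department does not own; the exact form is a /27 plus a /32.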

Not using colnames when reading .xls files with RODBC

I have another puzzling problem.
I need to read .xls files with RODBC. Basically I need a matrix of all the cells in one sheet, and then use greps and strsplits etc. to get the data out. As each sheet contains multiple tables in different order, and some text fields with other options in between, I need something that functions like readLines(), but then for Excel sheets. I believe RODBC is the best way to do that.
The core of my code is the following function:
.read.info.default <- function(file,sheet){
  fc <- odbcConnectExcel(file) # file connection
  tryCatch({
    x <- sqlFetch(fc,
                  sqtable=sheet,
                  as.is=TRUE,
                  colnames=FALSE,
                  rownames=FALSE
    )
  },
  error = function(e) {stop(e)},
  finally=close(fc)
  )
  return(x)
}
Yet, whatever I tried, it always takes the first row of the mentioned sheet as the variable names of the returned data frame. No clue how to get that solved. According to the documentation, colnames=FALSE should prevent that.
I'd like to avoid the xlsReadWrite package. Edit : and the gdata package. Client doesn't have Perl on the system and won't install it.
Edit:
I gave up and went with read.xls() from the xlsReadWrite package. Apart from the name problem, it turned out RODBC can't really read cells with special signs like slashes. A date in the format "dd/mm/yyyy" just gave NA.
Looking at the source code of sqlFetch, sqlQuery and sqlGetResults, I realized the problem is more than likely in the drivers. Somehow the first line of the sheet is seen as some column feature instead of an ordinary cell. So instead of colnames, they're equivalent to DB field names. And that's an option you can't set...
Can you use the Perl-based solution in the gdata instead? That happens to be portable too...
