Search for multiple IP addresses in webserver log

To search for an IP address in a server log, grep is a tool to do it. To search for a single IP address, you need to know where the log file is then either navigate to it or use an absolute path, if you are already in the correct directory use grep like so…

grep '94.23.210.200' my_traffic.log

To search for multiple IP addresses, separate the IP addresses with a back slash and a pipe symbol like so…

grep '188.165.217.134\|192.95.30.59\|192.95.30.137\|198.27.81.188' my_traffic.log

To search for multiple IP addresses in multiple files, you can pass in a number of log files or better yet is to use a wildcard such as an asterisk followed by the file extension.

grep '188.165.217.134\|192.95.30.59\|192.95.30.137\|198.27.81.188' *.log

So above will search all log files that end in .log

To output the results to a file instead of the screen you can either create new/replace a file with > or append to a file with >>

grep '188.165.217.134\|192.95.30.59\|192.95.30.137' *.log > i-am-a-new-file.txt

or

grep '188.165.217.134\|192.95.30.59\|192.95.30.137\' *.log >> i-am-an-existing-file.txt