>you can simplify that line down to: > >awk 'BEGIN { FS=":" } /(smtp|SMTP)/ { printf "%-30sOK\n", $NF }' $1 > >the -30 will make sure that everything aligns, because with just a tab >to separate the email addresses, you'll end up with a wonky OK column. >-30 pads out the first column to 30 characters. > >also, I recommend changing the /(smtp|SMTP)/ to just /SMTP/ because if a >program is producing output like this from AD or LDAP, then the SMTP >will always be caps. You risk matching other lines in the log file that >don't match this format. > >basically, this script separates a line by colons ':' and prints the >last field if the line fed to it contains 'smtp' or 'SMTP'. The $NF is >Number of Fields, so effectively prints the last field. Well, the theory behind the case insensitivity is for users with more that one email address. The primary is always caps, but secondary's are lower case. Thanks for the pointer! jlc