I use cut instead of awk, at least for logs like apache or ones with fixed amount of spaces between fields, because it means less parsing/work, specially for summarizing long log files. Also use cat of the log as input, because is the same pattern for zcat/grep/zgrep if the input is compressed or I did some selection of records before.
Some of the records you may have to search could have the port attached (i.e. output of netstat, haproxy logs or others) so for stripping them I add
rev | cut -d ":" -f 2- | rev
on the list of IPs to not get messed up with IPv6 records.
Some of the records you may have to search could have the port attached (i.e. output of netstat, haproxy logs or others) so for stripping them I add
rev | cut -d ":" -f 2- | rev
on the list of IPs to not get messed up with IPv6 records.