I have a log file, saved with particular date. I wanna fetch log entries during a particular time and date range to another file.
Ex: all entries from 2014-12-04 00:00:00 time to 2014-12-04 17:00:00
Asked
Active
Viewed 1.1e+01k times
5 Answers
4
Try egrep:
pttrn="2014-12-04 0[0-9]"
pttrn="${pttrn}|2014-12-04 1[0-6]"
pttrn="${pttrn}|2014-12-04 17:00:00"
egrep "${pttrn}" <logfile>
The egrep pattern contains three parts. The first part grabs everything from 00:00:00 to 09:59:59. The second part grabs everything from 10:00:00 to 16:59:59, and the third part grabs 17:00:00.
Daniel Goldfarb
- 161
0
In addition to above modifications in date range, one can search for intended strings in the same command line.
Example:
grep "Nov 30 18:" /var/log/maillog | grep "Remote_" | wc -l
Try increasing the search loops with adding more | or save the results in a file:
grep "1[3-7]/Sep/2011" /var/log/maillog > /var/krishna.txt
grep "1[3-7]/Sep/2011" /var/log/maillog > /tmp/results.txt
*wc -l counts the total in list generated from previous parts of the code.
0
If you want 4 minutes interval of logs,
grep "01/APR/2014:16:3[5-9]" logfile
will return all logs lines between 16:35 and 16:39 on 01/Apr/2014.
Suppose you need the last 5 days starting from 17/Sep/2014 you may use the following:
grep "1[3-7]/Sep/2011" logfile
Hopes this helps,
BDRSuite
- 6,378
0
You can select a starting line and an ending line with e.g. sed:
sed -n '/Dec 5 11:00/,/Dec 5 12:00/p' /var/log/daemon.log
This will print all lines from the first line with Dec 5 11:00 up to (and including) the first line with Dec 5 12:00. This is assuming the log is time-sequential (i.e. all lines are in order of time). The -n is to suppress the default action of printing each line.
wurtel
- 1,575
-1
Assuming you are inside the directory where existingfile.log exists.
$ egrep "(2014-12-04 00:*|2014-12-04 17:00:00)" existingfile.log >> /home/newfile.txt
iamfnizami
- 101