Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

To check timestamp in logfile and display lines upto 3 hours before current timestamp

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting To check timestamp in logfile and display lines upto 3 hours before current timestamp
# 8  
Old 08-18-2014
Quote:
Originally Posted by MadeInGermany
Passing complex commands with ssh is problematic, because there are two shells that evaluate the script: one on the local host and one on the remote host.
Save the script on the local host, and pass it via stdin to the remote shell:
Code:
ssh -x server1 "/bin/sh -s" < savedscript

The -s option allows to place script arguments
Code:
ssh -x server1 "/bin/sh -s arg1 arg2" < savedscript

Thanks, its working perfect. Can you tell me how to get the count of the logs . What field do i need to edit in the below code.

Code:
 
awk -vDT=$(date +"%y%m%d%H%M" -d"- 3 hour") '
                 {sub(/^\[/,"")
                  split ($1, D, "/")
                  split ($2, T, ":")
                  AT=sprintf ("%02d%02d%02d%02d%02d", D[3], D[1], D[2], T[1], T[2])}
         AT > DT && /Exception/
        ' file

# 9  
Old 08-18-2014
Try (untested)
Code:
         AT > DT && /Exception/   {CNT++; print}
         END                      {print CNT}

# 10  
Old 09-17-2014
Hey Guys,

Now i have another logfile where the timestamp in logs are displayed in a different manner as

Code:
 
2014.09.16 05:15:36.354.MST Exception Found
2014.09.16 08:18:36.277.MST Result Ok
2014.09.16 17:10:22.233.MST Exception Found

This should output the result for last line only as Time currently in india is 17:51 and it is the only string Matching "Exception Found" in the last 3 hours.

How to modify the script propsed earlier to do this?

---------- Post updated 09-17-14 at 01:14 AM ---------- Previous update was 09-16-14 at 07:22 AM ----------

@Rudic , @Germany : I Need your help guys Smilie
# 11  
Old 09-17-2014
Given the help you have already received, why don't you show us what you have tried on your own to solve this slightly different problem?

The UNIX and Linux Forum is not a place to get free programming services every time you decide to change your requirements. We want you to learn from the examples we provide so you can do it yourself the next time.
# 12  
Old 09-19-2014
Quote:
Originally Posted by Don Cragun
Given the help you have already received, why don't you show us what you have tried on your own to solve this slightly different problem?

The UNIX and Linux Forum is not a place to get free programming services every time you decide to change your requirements. We want you to learn from the examples we provide so you can do it yourself the next time.
Thanks ,ill try to script this myself. I need some help understanding the below line.

Code:
 
AT=sprintf ("%02d%02d%02d%02d%02d", D[3], D[1], D[2], T[1], T[2])

What exactly is the function of Sprintf function and why is it in the order of D[3],D[1],D[2] instead of D[3],D[2],D[1] . If we are comparing the current timestamp (date +"%y%m%d%H%M" -d"- 3 hour") against the timestamp in logs, after splitting the timestamp in logs, it should be in order of yy/mm/dd as well.

---------- Post updated at 06:39 AM ---------- Previous update was at 06:38 AM ----------

Please ignore the above. I just realized my mistake. It will be D[3],D[1],D[2] only.

---------- Post updated at 07:54 AM ---------- Previous update was at 06:39 AM ----------

I modified the script as below and its working fine for the new File Smilie

Code:
 awk -vDT=$(date +"%Y%m%d%H%M" -d"- 3 hour") '
                     {
                      split ($1, D, ".")
                      split ($2, T, ":")
                      AT=sprintf ("%02d%02d%02d%02d%02d", D[1], D[2], D[3], T[1], T[2])}
             AT > DT && /Exception Found/
        ' /logs/Trace.log

This User Gave Thanks to srkmish For This Post:
Don Cragun
# 13  
Old 09-19-2014
Quote:
Originally Posted by srkmish
... ... ...
I modified the script as below and its working fine for the new File Smilie

Code:
 awk -vDT=$(date +"%Y%m%d%H%M" -d"- 3 hour") '
                     {
                      split ($1, D, ".")
                      split ($2, T, ":")
                      AT=sprintf ("%02d%02d%02d%02d%02d", D[1], D[2], D[3], T[1], T[2])}
             AT > DT && /Exception Found/
        ' /logs/Trace.log

Congratulations! We are always glad to hear that the people who have come to The UNIX and Linux Forums are learning how to write code that works after getting help with the basics from the volunteers here.

And thank you for posting your working code; you are now one of the volunteers showing others how you solved your problem.
This User Gave Thanks to Don Cragun For This Post:
srkmish
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Grep lines between last hour timestamp and current timestamp

So basically I have a log file and each line in this log file starts with a timestamp: MON DD HH:MM:SS SEP 15 07:30:01 I need to grep all the lines between last hour timestamp and current timestamp. Then these lines will be moved to a tmp file from which I will grep for particular strings. ... (1 Reply)
Discussion started by: nms
1 Replies

2. Shell Programming and Scripting

Display lines between timestamp

Hi Gurus, I have a software which logs event in the log file and it has become to big to search into it. I want to display all the lines from the log files between <Jul 21, 2016 3:30:37 PM BST> to <Jul 21, 2016 3:45:37 PM BST> that is 15 min data . Please help Use code tags, thanks. (10 Replies)
Discussion started by: guddu_12
10 Replies

3. Shell Programming and Scripting

AIX : Need to convert UNIX Timestamp to normal timestamp

Hello , I am working on AIX. I have to convert Unix timestamp to normal timestamp. Below is the file. The Unix timestamp will always be preceded by EFFECTIVE_TIME as first field as shown and there could be multiple EFFECTIVE_TIME in the file : 3.txt Contents of... (6 Replies)
Discussion started by: rahul2662
6 Replies

4. HP-UX

Comparing the timestamp of the file to current time

I have a file like this -rwxr-xr-x 1 rewq other 168 Jan 13 07:05 check_files.sh I want to compare (check_files.sh time) with the current time to see if its is older than 2 hours or not if it is not older than 2 hrs then do something.can someone help me on this?.I dont... (7 Replies)
Discussion started by: haadiya
7 Replies

5. Shell Programming and Scripting

Check/Parse log file's lines using time difference/timestamp

I was looking at this script which outputs the two lines which differs less than one sec. #!/usr/bin/perl -w use strict; use warnings; use Time::Local; use constant SEC_MILIC => 1000; my $file='infile'; ## Open for reading argument file. open my $fh, "<", $file or die "Cannot... (1 Reply)
Discussion started by: cele_82
1 Replies

6. Shell Programming and Scripting

Check if a date field has date or timestamp or date&timestamp

Hi, In a field, I should receive the date with time stamp in a particular field. But sometimes the vendor sends just the date or the timestamp or correctl the date&timestamp. I have to figure out the the data is a date or time stamp or date&timestamp. If it is date then append "<space>00:00:00"... (1 Reply)
Discussion started by: machomaddy
1 Replies

7. UNIX for Dummies Questions & Answers

How to compare a file by its timestamp and store in a different location whenever timestamp changes?

Hi All, I am new to unix programming. I am trying for a requirement and the requirement goes like this..... I have a test folder. Which tracks log files. After certain time, the log file is getting overwritten by another file (randomly as the time interval is not periodic). I need to preserve... (2 Replies)
Discussion started by: mailsara
2 Replies

8. Shell Programming and Scripting

How to retrieve the current timestamp?

I am doing this in my script .. currenttimestamp=`db2 "select current timestamp from SYSIBM.SYSDUMMY1 with ur"` echo s $currenttimestamp but this is how its shows s 1 -------------------------- 2011-04-18-12.43.25.345071 1 record(s) selected. How can I just get the timestamp... (6 Replies)
Discussion started by: mitr
6 Replies

9. AIX

Change specific (not current) date to timestamp

Hello to all. I work at AIX system without perl installed and I am restricted user, so I am limited to bash. In script that I am writing, I have to read line from file and transform date that I found inside to Unix timestamp. Line in file look something like this: Tue Mar 29 06:59:00... (5 Replies)
Discussion started by: Hyperborejac
5 Replies

10. Shell Programming and Scripting

Compare current time to timestamp on a file

I'm trying to compare 2 dates between current time and the timestamp on a file. The date format is mmdd Both return Apr 1 but when using if statement line 11: Apr 1: command not found error is returned #!/bin/sh log="DateLog" Current_Date=`date +%b%e` Filepmdate=`ls -l /file.txt |... (1 Reply)
Discussion started by: cillmor
1 Replies
Login or Register to Ask a Question