Viewing a specific timeframe of a log file


 
Thread Tools Search this Thread
Top Forums UNIX for Beginners Questions & Answers Viewing a specific timeframe of a log file
# 1  
Old 04-26-2017
Viewing a specific timeframe of a log file

Hi guys

Done a bit of research online but can't seem to figure it out, is there anyway of grepping or using sed to view a specific time period of a log file.

I am trying to view a log file for Saturday 22nd April between 08:00 - 12:00

I saw this command online and tried but doesn't seem to like it:

Code:
[casupport@wycvlapph048 epagent]$ sed -n '/4/26/2017 08:00/, //4/26/2017 12:00/p' IntroscopeEPA.log
sed: -e expression #1, char 4: unknown command: `2'

I have also tried using grep
Code:
[casupport@wycvlapph048 epagent]$ grep "4/26/2017:09:30" IntroscopeEPA.log

Again nothing returned... Am I not using the correct command for this?

Cheers
# 2  
Old 04-26-2017
The sed error is due to using an unescaped slash in the regex being interpreted as regex terminator. Try escaping it. Don't use double slashes.

The empty result of grep may be due to the exact 9:30 time not being found in the file. Try without minutes.

I'd guess you'd be better off not searching exact points in time but using e.g. awk to calculate times and use comparison operators to match ranges.
# 3  
Old 04-26-2017
Hi RudiC

Thank you for your response

I am not quite I understand your first point, what do you mean by escaping it?

I tried removing off time for the grep but this still came back with nothing

Cheers
Alex
# 4  
Old 04-26-2017
Quote:
Originally Posted by simpsa27
Hi guys


Code:
[casupport@wycvlapph048 epagent]$ sed -n '/4/26/2017 08:00/, //4/26/2017 12:00/p' IntroscopeEPA.log
sed: -e expression #1, char 4: unknown command: `2'

Cheers
Quote:
Originally Posted by simpsa27
Hi RudiC

Thank you for your response

I am not quite I understand your first point, what do you mean by escaping it?

Cheers
Alex
Basically as you are using the slash for searching sed stops at the second slash. By prefixing the slashes in between with backslahes, they won't be interpreted by sed as the end of the search pattern, but will go through as part of the pattern. That is what is meant by escaping.
Thus:
Code:
$ sed -n '/4\/26\/2017 08:00/, /4\/26\/2017 12:00/p' IntroscopeEPA.log

Personally if I'm working with slashes in my search pattern I use something else:
Code:
$ sed -n '\^4/26/2017 08:00^, \^4/26/2017 12:00^p' IntroscopeEPA.log

What I've done here is use the caret (^) as the search pattern delimiter, but you can use almost any other character. As you are using the pattern as an address you have to prefix the caret with a backslash, but if you are using the replacement command (eg sed 's^this^that^') sed will accept the first character after the 's' as the delimiter.

Andrew
This User Gave Thanks to apmcd47 For This Post:
# 5  
Old 04-26-2017
Hi Andrew

Thank you for your responses and explanations

I tried both commands which executed without error but still nothing returns

Code:
[casupport@wycvlapph048 epagent]$ sed -n '\^4/26/2017 08:00^, \^4/26/2017 12:00^p' IntroscopeEPA.log
[casupport@wycvlapph048 epagent]$ sed -n '/4\/26\/2017 08:00/, /4\/26\/2017 12:00/p' IntroscopeEPA.log
[casupport@wycvlapph048 epagent]$

# 6  
Old 04-26-2017
Thinking about it, are there lines with the times '08:00' and '12:00' in the log files? What happens if you use the expression
Code:
$ sed -n '\^4/26/2017 0[89]:[0-9][0-9]^p' IntroscopeEPA.log

instead?
Could you post a sample of the log file (up to 10 lines, maybe) here?

Andrew
# 7  
Old 04-26-2017
Code:
[casupport@wycvlapph048 epagent]$ tail -10f IntroscopeEPA.log
4/26/17 12:00:57 PM BST [DEBUG] [OraclePlugin] [FAILEDTRANSACTIONS] query: SELECT STATUS, UPDATED_TIMESTAMP FROM VMS_SCHEMA.VEND_STATUS_HISTORY WHERE UPDATED_TIMESTAMP > to_timestamp('26-04-17 11.00.26.235','DD-MM-RR HH24.MI.SS.FF') AND STATUS IN (10,15,20,25,30,35,40,50,55,300,310,350,60,70,75,80,125,45,65,105,106,107,108,109,110,40,320,330,340,145,109) ORDER BY UPDATED_TIMESTAMP ASC ;
4/26/17 12:00:57 PM BST [DEBUG] [OraclePlugin] FailedTransactions polling took: 35ms
4/26/17 12:00:57 PM BST [DEBUG] [OraclePlugin] [VENDATTEMPTS] normal: 26-04-17 11.00.26.235
4/26/17 12:00:57 PM BST [DEBUG] [OraclePlugin] [VENDATTEMPTS] reference: 27-04-17 00.00.00.000
4/26/17 12:00:57 PM BST [DEBUG] [OraclePlugin] [VENDATTEMPTS] current: 26-04-17 12.00.57.101
4/26/17 12:00:57 PM BST [DEBUG] [OraclePlugin] [VENDATTEMPTS] query: SELECT SOURCE, STATUS, PAN, VENDCODE, VEND_TRANSACTION.TRANSACTION_ID, MSN, CREATED_TIMESTAMP, UPDATED_TIMESTAMP FROM VMS_SCHEMA.VEND_TRANSACTION INNER JOIN VMS_SCHEMA.VEND_STATUS_HISTORY ON VEND_TRANSACTION.TRANSACTION_ID = VEND_STATUS_HISTORY.TRANSACTION_ID WHERE UPDATED_TIMESTAMP > to_timestamp('26-04-17 11.00.26.235','DD-MM-RR HH24.MI.SS.FF') AND STATUS IN (100,10,15,20,25,30,35,40,50,55,300,310,350,60,70,75,80,125,45,65,105,106,107,108,109,110,40,320,330,340,145,109) AND CREATED_TIMESTAMP IS NOT NULL ORDER BY UPDATED_TIMESTAMP ASC ;
4/26/17 12:00:57 PM BST [DEBUG] [OraclePlugin] [VENDATTEMPTS] result counter: 10
4/26/17 12:00:57 PM BST [DEBUG] [OraclePlugin] VendAttempts polling took: 38ms
4/26/17 12:00:57 PM BST [DEBUG] [OraclePlugin] Complete polling took: 263ms
4/26/17 12:00:57 PM BST [INFO] [OraclePlugin] Run finished in 0s
4/26/17 12:00:57 PM BST [DEBUG] [OraclePlugin] Heartbeat!


Moderator's Comments:
Mod Comment Please use CODE tags as required by forum rules!

Last edited by RudiC; 04-26-2017 at 08:04 AM.. Reason: Added CODE tags.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Grep a log file starting from a specific time to the end of file

I have a log file which have a date and time at the start of every line. I need to search the log file starting from a specific time to the end of file. For example: Starting point: July 29 2018 21:00:00 End point : end of file My concern is what if the pattern of `July 29 2018 21:00:00`... (3 Replies)
Discussion started by: erin00
3 Replies

2. Solaris

Command to grep the service with in a timeframe

Guys, I am trying to use this command to find out the occurrence of the service "Loadservice" from the log file "log.06102010.svr1" in between the time frame 02:00:00 to 03:00:00 on the day 06-10-2010. sed -n '/2010-06-10 02:00:00/,/2010-06-10 03:00:00/p' | fgrep "Loadservice"... (14 Replies)
Discussion started by: kriss.gv
14 Replies

3. UNIX for Dummies Questions & Answers

Search for a specific String in a log file for a specific date range

Hi, I have log file which rolls out every second which is as this. HttpGenRequest - -<!--OXi dbPublish--> <created="2014-03-24 23:45:37" lastMsgId="" requestTime="0.0333"> <response request="getOutcomeDetails" code="114" message="Request found no matching data" debug="" provider="undefined"/>... (3 Replies)
Discussion started by: karthikprakash
3 Replies

4. Shell Programming and Scripting

Taking a specific value from a log file

Dear community, I've a file contaning some logs like: 185413.854: 185456.748: 185457.631: 185467.213: 185468.913: 185472.378: 185479.944: 185482.828: 185486.855: 185490.946: 185497.580: 185501.771: 185501.787: 185511.343: 185513.458: 3101902K(4089472K), 0.0117240 secs]... (6 Replies)
Discussion started by: Lord Spectre
6 Replies

5. Shell Programming and Scripting

Help with viewing the Log files

I have a file name as logfiles_tar.tgz. How can I view the contents of the log files present in logfiles_tar.tgz ? Any help would be really appreciated. Thanks (3 Replies)
Discussion started by: bobby1015
3 Replies

6. Solaris

Logging out idle users after a certain timeframe

We recently underwent a security audit and have a new requirement to not allow users to stay logged on overnight. In order to place this policy into effect i need a way to check for idle users and log them off. Is there any good way to enforce this policy in Solaris 10 and make it work in such a... (11 Replies)
Discussion started by: goose25
11 Replies

7. Shell Programming and Scripting

Date within a timeframe 2 days ago

How could I using the following example, change it to show 2 days ago within the same time frame 0600 AM to 0600 AM let foo=`date "+(1%H-106)*60+1%M-100"` bar=foo+1440 find . -mmin +$foo -mmin -$bar | tr -s '/','-' '^' | cut -f2,3 -d"^" | tr -s '^' ' ' | Please use code tags (7 Replies)
Discussion started by: freddie999
7 Replies

8. Shell Programming and Scripting

print contents of any file within some timeframe

Hi, Is there anyway to print contents of any file ( say log files that grow automatically) within some timeframe ( comparing with current time), say print contents of the added in: 1) last 2 hr 2) last 45 min 3) last 3 hrs 47 min (3 Replies)
Discussion started by: fed.linuxgossip
3 Replies

9. Shell Programming and Scripting

How to read a specific value from a Log file?

Hi, I have a .log file in which it has many values. But i need some specific values. How it can be done using Shell Script. Please explain in detail. Thankx in advance. Sathish D V. (8 Replies)
Discussion started by: cooolthud
8 Replies

10. UNIX for Dummies Questions & Answers

viewing specific lines

hi, is there any command on viewing specific line number of a file? thanks (3 Replies)
Discussion started by: dakid
3 Replies
Login or Register to Ask a Question