06-25-2009
copy lines from log files based on timestamp and sysdate
I am sorry to repost this question. It was not clear, and I had the meeting and didn't respond to the question on time. I do really need help and appreciate your help very much.
I'm looking for a simple shell script that will read lots of audit log files (*.aud) in a log folder every 10 minutes, and will output to one file based on system date - 10 minutes. Assume the script is run at 11:12:20, and it should grep the lines from Wed Jun 17 11:02:43 2009 to end of file. After 10 minutes (11:22:20), the script is run again, and it will grep lines Wed Jun 17 11:22:20 2009 to end of file. The audit log files are continually written, and we'd like to get audit log info from the log files every 10 minutes, but no duplicated info every time we grep.
Here is sample content of one audit log file. The format is shown below (timestamps and entries on separate lines and is there blank line between entries).
Wed Jun 17 11:02:16 2009
SESSIONID: "5649284" ENTRYID: "4" STATEMENT: "2" USERID: "USER_MEDFORM_RECEIVE" USERHOST: "PLACEWORDSHQ\NETAPP-DEV"
TERMINAL: "NETAPP-DEV" ACTION: "3" RETURNCODE: "0" OBJ$CREATOR: "MEDFORM" OBJ$NAME: "PM_DOC_INSERTS" OS$USERID:
"NETWORK?SERVICE"
Wed Jun 17 11:02:43 2009
SESSIONID: "5649284" ENTRYID: "5" STATEMENT: "4" USERID: "USER_MEDFORM_RECEIVE" USERHOST: "PLACEWORDSHQ\NETAPP-DEV"
TERMINAL: "NETAPP-DEV" ACTION: "3" RETURNCODE: "0" OBJ$CREATOR: "MEDFORM" OBJ$NAME: "MEDICAL_RECEIVE_QUEUE"
OS$USERID: "NETWORK?SERVICE"
Wed Jun 17 11:02:43 2009
SESSIONID: "5649284" ENTRYID: "6" STATEMENT: "4" USERID: "USER_MEDFORM_RECEIVE" USERHOST: "PLACEWORDSHQ\NETAPP-DEV"
TERMINAL: "NETAPP-DEV" ACTION: "3" RETURNCODE: "0" OBJ$CREATOR: "MEDFORM" OBJ$NAME: "PM_DOC_INSERTS" OS$USERID:
"NETWORK?SERVICE"
thanks
jack
Last edited by jim mcnamara; 06-25-2009 at 10:51 AM..
Reason: closed - duplicate
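One way to get the non-overlapping extracts asked for above, as an added example that is not part of the original thread: each run copies the entries stamped in the half-open window from the previous run's end time up to now. The function names, the state file and the shortened sample entries are assumptions, and the log timestamps are assumed to be in the host's local time.

```shell
#!/bin/sh
# Added example, not from the thread. Keys are YYYYMMDDHHMMSS strings.

# Print every entry whose header timestamp t satisfies lo <= t < hi.
# An entry is a header line ("Wed Jun 17 11:02:43 2009") plus its detail lines.
extract_window() {
    lo=$1; hi=$2; shift 2
    awk -v lo="$lo" -v hi="$hi" '
    BEGIN {
        n = split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", m, " ")
        for (i = 1; i <= n; i++) mon[m[i]] = i
    }
    FNR == 1 { keep = 0 }    # do not carry a decision across files
    NF == 5 && ($2 in mon) && $4 ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9]$/ && $5 ~ /^[0-9]+$/ {
        hms = $4; gsub(/:/, "", hms)
        key = sprintf("%04d%02d%02d%s", $5, mon[$2], $3, hms)
        keep = ((key "") >= (lo "") && (key "") < (hi ""))
    }
    keep
    ' "$@"
}

# One scheduled run: the window starts where the previous run ended (kept in
# the hypothetical state file), so consecutive runs neither overlap nor leave gaps.
collect_once() {
    state=$1; out=$2; shift 2
    now=$(date +%Y%m%d%H%M%S)
    prev=00000000000000
    if [ -s "$state" ]; then prev=$(cat "$state"); fi
    extract_window "$prev" "$now" "$@" >> "$out" && printf '%s\n' "$now" > "$state"
}

# Constructed sample in the layout shown in the post (detail lines shortened).
write_sample() {
    cat > "$1" <<'EOF'
Wed Jun 17 11:02:16 2009
SESSIONID: "5649284" ENTRYID: "4" STATEMENT: "2" ACTION: "3" RETURNCODE: "0"

Wed Jun 17 11:02:43 2009
SESSIONID: "5649284" ENTRYID: "5" STATEMENT: "4" ACTION: "3" RETURNCODE: "0"

Wed Jun 17 11:02:43 2009
SESSIONID: "5649284" ENTRYID: "6" STATEMENT: "4" ACTION: "3" RETURNCODE: "0"
EOF
}
```

An entry that the writer flushes after a run but stamps with an earlier time falls outside every window, so an audit pipeline that must not lose records should track a per-file byte offset instead of the clock.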
XINETD.LOG(5) File Formats Manual XINETD.LOG(5)
NAME
xinetd.log - xinetd service log format
DESCRIPTION
A service configuration may specify various degrees of logging when attempts are made to access the service. When logging for a service is
enabled, xinetd will generate one-line log entries which have the following format (all entries have a timestamp as a prefix):
      entry: service-id data

The data depends on the entry. Possible entry types include:

      START     generated when a server is started
      EXIT      generated when a server exits
      FAIL      generated when it is not possible to start a server
      USERID    generated if the USERID log option is used.
      NOID      generated if the USERID log option is used, and the IDONLY service flag is used, and the remote end does not identify who is trying to access the service.

In the following, the information enclosed in brackets appears if the appropriate log option is used.

A START entry has the format:

      START: service-id [pid=%d] [from=%d.%d.%d.%d]

An EXIT entry has the format:

      EXIT: service-id [type=%d] [pid=%d] [duration=%d(sec)]

type can be either status or signal. The number is either the exit status or the signal that caused process termination.

A FAIL entry has the format:

      FAIL: service-id reason [from=%d.%d.%d.%d]

Possible reasons are:

      fork            a certain number of consecutive fork attempts failed (this number is a configurable parameter)
      time            the time check failed
      address         the address check failed
      service_limit   the allowed number of server instances for this service would be exceeded
      process_limit   a limit on the number of forked processes was specified and it would be exceeded

A DATA entry has the format:

      DATA: service-id data

The data logged depends on the service.

      login     remote_user=%s local_user=%s tty=%s
      exec      remote_user=%s verify=status command=%s
                Possible status values:
                      ok        the password was correct
                      failed    the password was incorrect
                      baduser   no such user
      shell     remote_user=%s local_user=%s command=%s
      finger    received string or EMPTY-LINE

A USERID entry has the format:

      USERID: service-id text

The text is the response of the identification daemon at the remote end excluding the port numbers (which are included in the response).

A NOID entry has the format:

      NOID: service-id IP-address reason
SEE ALSO
xinetd(1L), xinetd.conf(5)
28 April 1993 XINETD.LOG(5)
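A summary of refused and failed accesses built from the FAIL and DATA entry formats above, as an added example rather than part of the manual page. The sample lines are constructed, and their timestamp prefix layout is an assumption because the page does not specify it; the script finds the entry type by token rather than by position.

```shell
#!/bin/sh
# Added example: count FAIL entries per service/reason/source and exec DATA
# entries whose verify status is not "ok". Output: "<kind> <fields...> <count>".
xinetd_failures() {
    awk '
    {
        # Find the entry type wherever the timestamp prefix ends.
        for (i = 1; i <= NF; i++) if ($i == "FAIL:" || $i == "DATA:") break
        if (i > NF) next
        svc = $(i + 1); from = "-"; user = "-"; verify = ""
        for (j = i + 2; j <= NF; j++) {
            if ($j ~ /^from=/) from = substr($j, 6)
            if (user == "-" && $j ~ /^remote_user=/) user = substr($j, 13)
            # remote_user and command come from the client: keep only the
            # first verify= so a later command string cannot overwrite it.
            if (verify == "" && $j ~ /^verify=/) verify = substr($j, 8)
        }
        if ($i == "FAIL:") n["FAIL " svc " " $(i + 2) " " from]++
        else if (verify != "" && verify != "ok") n["AUTH " svc " " verify " " user]++
    }
    END { for (k in n) print k, n[k] }
    ' "$@" | sort
}

# Constructed sample lines; the timestamp prefix format is assumed.
write_xinetd_sample() {
    cat > "$1" <<'EOF'
09/6/17@11:02:16: START: ftp pid=4120 from=192.0.2.10
09/6/17@11:02:20: FAIL: ftp address from=198.51.100.7
09/6/17@11:02:21: FAIL: ftp address from=198.51.100.7
09/6/17@11:02:30: FAIL: telnet service_limit from=192.0.2.10
09/6/17@11:02:43: DATA: exec remote_user=bob verify=failed command=ls verify=ok
09/6/17@11:02:50: DATA: exec remote_user=bob verify=ok command=ls
09/6/17@11:03:00: EXIT: ftp status=0 pid=4120 duration=44(sec)
EOF
}
```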