Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Access log field - using awk to pull date/time
Top Forums Shell Programming and Scripting Access log field - using awk to pull date/time Post 302663667 by SkySmart on Thursday 28th of June 2012 10:45:03 AM
Old 06-28-2012
Access log field - using awk to pull date/time
hey guys.

the following line is a line taken from apache's access_log

Code:
10.10.10.10 - jdoe [28/Jun/2012:14:24:15 +0000] "GET /images/down.gif HTTP/1.1" 304

I'm concerned about the field that has the date and time in it.

if assuming the delimiter in the file is a space, then the fourth field will always have the date and time in it.

however, it is my understanding that the date and time may not always be in the fourth field. depending on the other fields, the date and time may be in random fields.

so my question is, what kind of awk scripting can i use to find the field that has the date/time in it and pull that out?

something better than this:

Code:
echo '10.10.10.10 - jdoe [28/Jun/2012:14:24:15 +0000] "GET /images/down.gif HTTP/1.1" 304' | awk -F" " '{print $4}'

 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Processing a log file based on date/time input and the date/time on the log file

Hi, I'm trying to accomplish the following and would like some suggestions or possible bash script examples that may work I have a directory that has a list of log files that's periodically dumped from a script that is crontab that are rotated 4 generations. There will be a time stamp that is... (4 Replies)
Discussion started by: primp
4 Replies

2. Shell Programming and Scripting

Split the access.log based on date

I am trying to get the content of Apache access.log file for the current date for viewing purposes. I can get it with the following sed command sed -n '/09\/Oct\/2008/,/09\/Oct\/2008/p' access.log | less now I want to enhance it such that it will automatically take current date instead of... (4 Replies)
Discussion started by: ysprathap
4 Replies

3. UNIX for Dummies Questions & Answers

Need to pull Yesterdays Date...

I tried this and it works for the most part, but if the date is 20090301, it displays 20090300. YESTERDAY=$((`date +%Y%m%d` -1)) (2 Replies)
Discussion started by: cards0622
2 Replies

4. Shell Programming and Scripting

Need script to pull multiple field from log file

I am hoping to get some help with a script to pull certain fields from a log file. User update (xx6xxx P) rpt (yy6yyy B) 2010/01/20 21:36:01.298 Remote client forward start streamid 85af 2010/01/20 21:36:01.307 rpt2 (ZZ6ZZZ G) rpt1 (YY6YYY B) urcall (CQCQCQ ) mycall (W1AW) user... (5 Replies)
Discussion started by: TedSD
5 Replies

5. UNIX for Dummies Questions & Answers

Converting string date time to unix time in AWK

I'd like to convert a date string in the form of sun aug 19 09:03:10 EDT 2012, to unixtime timestamp using awk. I tried This is how each line of the file looks like, different date and time in this format Sun Aug 19 08:33:45 EDT 2012, user1(108.6.217.236) all: test on the 17th ... (2 Replies)
Discussion started by: bkkid
2 Replies

6. Shell Programming and Scripting

awk help reformatting badly formatted time field

I need help reformatting an input file with spaces in the time field (4th field). I want the field to look like “hh:mm” with appropriate embedded zeros, but instead it has “h :m “ if the hour and/or minute are single character. I'm pretty new to scripting and this is beyond me. Any help would... (4 Replies)
Discussion started by: lisep
4 Replies

7. UNIX for Dummies Questions & Answers

Does 'grep' update a file's access date/time?

I've got a job that finds and removes trace files based upon an access time of more than seven days (I've also tried a modify date). find TABC* -atime +7 -exec rm + find TABC* -mtime +7 -exec rm + Whether I use -atime or -mtime, the process seems to work sporadically. Sometimes it removes... (6 Replies)
Discussion started by: Scottie1954
6 Replies

8. Shell Programming and Scripting

Command to pull date

I have one file with below entry. There are multiple entries, but for sample I used just three lines. my requirment is to create a script by which it will pull only those entries which modification time is greater than 2 weeks (or 15 days). if I run script today, it will compare date from today... (4 Replies)
Discussion started by: anshu ranjan
4 Replies

9. HP-UX

HP/UX command to pull file name/date based on date

HI, Can anyone tell me how to pull the date and file name separated by a space using the find command or any other command. I want to look through several directories and based on a date timeframe (find -mtime -7), output the file name (without the path) and the date(in format mmddyyyy) to a... (2 Replies)
Discussion started by: lnemitz
2 Replies

10. Shell Programming and Scripting

awk script to find time difference between HTTP PUT and HTTP DELETE requests in access.log

Hi, I'm trying to write a script to determine the time gap between HTTP PUT and HTTP DELETE requests in the HTTP Servers access log. Normally client will do HTTP PUT to push content e.g. file_1.txt and 21 seconds later it will do HTTP DELETE, but sometimes the time varies causing some issues... (3 Replies)
Discussion started by: Juha
3 Replies

LEARN ABOUT DEBIAN

sttime

sttime(3)						    ShapeTools Toolkit Library							 sttime(3)

NAME

       stMktime, stWriteTime - date and time handling

SYNOPSIS

       #include <config.h>
       #include <sttk.h.h>

       time_tstMktime (char *string);

       char*stWriteTime (time_t date);

DESCRIPTION

       stMktime scans the given string and tries to read a date and time from it. It understands various formats of date strings. The following is
       a list of all valid formats, optional parts in brackets.

       [Tue] Jan 5[,] [19]93
		     This includes the standard asctime(3) format.

       Jan 5	     With no year given, the year defaults to the current year.

       [19]93/01/05  This notation requires month and day represented by exactly two digits.

       5.1.[19]93    This is the usual German notation.

       5.1.	     German notation referencing the current year.

       A certain time, given together with the date must always have the following form.

       hours:minutes[:seconds]
		       Each of the fields must be an integer value within the proper range (hours: 0-23, minutes and seconds: 0-59). Values  below
		       10 may be written as one digit numbers.

       The  time  value  may be placed anywhere in the date string: at the beginning, at the end, or somewhere in the middle. Any amount of white-
       space may be given between a field of the time value and the separating colon. The time is always considered to be local time.

       stWriteTime generates a time string similar to asctime(3) from its date argument.

SEE ALSO

       asctime(3)

BUGS

       Time Zone Names within the time string (like `MET') are not handled properly. In most cases they will cause a failure.

sttk-1.7						     Thu Jun 24 17:43:35 1993							 sttime(3)
All times are GMT -4. The time now is 09:11 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy