Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Search for text between two time frame using sed
Top Forums Shell Programming and Scripting Search for text between two time frame using sed Post 302765577 by Azher on Saturday 2nd of February 2013 08:54:03 PM
Old 02-02-2013
Question Search for text between two time frame using sed
I have log files with time stamps. I want to search for text between two time stamp using sed even if the first tme stamp or the last time stamp are not present. For e.g. if i search between 9:30 and 9:40 then it should return text even if 9:30 or 9:40 is not there but between 9:30 and 9:40 is present.
I am using a sed one liner:
Code:
sed -n '/7:30:/,/7:35:/p' xyz.log

But it only returns data if both the time stamps are present, it will print everything if one of the time stamp are missing. An if the time is in 12 hr format it will pull data for both AM and PM.
Additionally , i have different time stamps formats for different log files so i need a generic command.
following are some time format examples e.g.
Code:
<Jan 27, 2013 12:57:16 AM MST>Jan 29, 2013 8:58:12 AM 2013-01-31 06:44:04,883

One of them contains AM/PM i.e. 12 hr format and other cntains 24 hr format so i have to account for that as well.
I have tried this as weel but it doesnt work:
Code:
sed -n -e '/^2012-07-19 18:22:48/,/2012-07-23 22:39:52/p' history.log

Please help
Last edited by Scott; 02-02-2013 at 10:02 PM.. Reason: Please use code tags
 

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Sed Help.To Search Between Pattern1 And Pattern2 Containing Certain Text

Hi, Here is a sample of my Test File $ cat TestFile1 Prompt Table DQZ_ALTER_SCHEMA_ID; ALTER TABLE DQZ.DQZ_ALTER_SCHEMA_ID MONITORING; ALTER TABLE DQZ.DQZ_ALTER_SCHEMA_ID STORAGE ( NEXT 3464K ); Prompt Table DQZ_ALTER_SCHEMA_ID; ALTER TABLE DQZ.DQZ_ALTER_SCHEMA_ID MOVE LOB... (16 Replies)
Discussion started by: rajan_san
16 Replies

2. Shell Programming and Scripting

search string during a specific time frame

Can someone please help me with searching a string during a specific time frame. Below is the format of the time from my log file. "GET /AAM2009_wherewereheaded.wmv HTTP/1.1" 200 52307085 The search string I need is "AAM2009_wherewereheaded.wmv" I need to search the number of... (1 Reply)
Discussion started by: tadi18
1 Replies

3. Shell Programming and Scripting

Search text and append using SED?

I have file . cat hello.txt Hello World I would like to append a string "Today " so the output is cat hello.txt Hello World Today I dont know which line number does the "Hello World" appears otherwise I could have used the Line number to search and append . (3 Replies)
Discussion started by: gubbu
3 Replies

4. Shell Programming and Scripting

Shell Script to delete files within a particular time frame under multiple sub folders

Greetings! I'm looking for starting information for a shell script. Here's my scenario: I have multiple folders(100) for example: /www/test/applications/app1/logs /www/test/applications/app2/logs Within these folders there are log files files that need to be deleted after a month. ... (3 Replies)
Discussion started by: whysolucky
3 Replies

5. Shell Programming and Scripting

awk : Search for text between two time frame (12 hours)

I have created the script to grep the errors from weblogic logs files and redirecting output to file.txt ...From file.txt I'm using awk command to collect the past 20 mins output...The script running from cron every 15 mins... The script working well... Now the challenges, I'm trying to use... (27 Replies)
Discussion started by: zenkarthi
27 Replies

6. Shell Programming and Scripting

awk : collecting all data between two time frame

Hi Experts , I need your help to collect the complete data between two time frame from the log files, when I try awk it's collecting the data only which is printed with time stamp for example, awk works well from "16:00 to 17:30" but its not collecting <line*> "from 17:30 to 18:00" ... (8 Replies)
Discussion started by: zenkarthi
8 Replies

7. UNIX for Dummies Questions & Answers

UNIX Account getting Locked Everyday between same Time Frame

I am facing an Issue with a particular Unix Account ( ie a particular Userid) getting LOCKED everyday between 7:30am and 8:00am. The Password associated with this particular Account has been setup such that it should never Expire at all but it does LOCK the Account after more than 3 failed... (5 Replies)
Discussion started by: pchegoor
5 Replies

8. Shell Programming and Scripting

Help on script to capture info on log file for a particular time frame

Hi I have a system running uname -a Linux cmovel-db01 2.6.32-38-server #83-Ubuntu SMP Wed Jan 4 11:26:59 UTC 2012 x86_64 GNU/Linux I would like to capture the contents of /var/log/syslog from 11:00AM to 11:30AM and sent to this info via email. I was thinking in set a cron entry at that... (2 Replies)
Discussion started by: fretagi
2 Replies

9. UNIX for Beginners Questions & Answers

Need to filter the result set within 2 time frame

my sample file is like this $cat onefile 05/21/18 13:10:07 ABRT US1CPDAY Status 1 05/21/18 21:18:54 ABRT DailyBackup_VFFPRDAPENTL01 Status 6 05/21/18 21:26:24 ABRT DailyBackup_VFFPRDAPENTL02 Status 6 05/21/18 21:57:36 ABRT DailyBackup_vm-ea1ffpreng01 Status 6... (7 Replies)
Discussion started by: gotamp
7 Replies

LEARN ABOUT PHP

pcap-tstamp

PCAP-TSTAMP(7)						 Miscellaneous Information Manual					    PCAP-TSTAMP(7)

NAME

       pcap-tstamp - packet time stamps in libpcap

DESCRIPTION

       When  capturing traffic, each packet is given a time stamp representing, for incoming packets, the arrival time of the packet and, for out-
       going packets, the transmission time of the packet.  This time is an approximation of the arrival or transmission time.	If it is  supplied
       by the operating system running on the host on which the capture is being done, there are several reasons why it might not precisely repre-
       sent the arrival or transmission time:

	      if the time stamp is applied to the packet when the networking stack receives the packet, the networking stack  might  not  see  the
	      packet  until an interrupt is delivered for the packet or a timer event causes the networking device driver to poll for packets, and
	      the time stamp might not be applied until the packet has had some processing done by other code in the networking  stack,  so  there
	      might  be  a  significant delay between the time when the last bit of the packet is received by the capture device and when the net-
	      working stack time-stamps the packet;

	      the timer used to generate the time stamps might have low resolution, for example, it might be a timer updated once per host operat-
	      ing system timer tick, with the host operating system timer ticking once every few milliseconds;

	      a  high-resolution  timer might use a counter that runs at a rate dependent on the processor clock speed, and that clock speed might
	      be adjusted upwards or downwards over time and the timer might not be able to compensate for all those adjustments;

	      the host operating system's clock might be adjusted over time to match a time standard to which  the  host  is  being  synchronized,
	      which might be done by temporarily slowing down or speeding up the clock or by making a single adjustment;

	      different  CPU cores on a multi-core or multi-processor system might be running at different speeds, or might not have time counters
	      all synchronized, so packets time-stamped by different cores might not have consistent time stamps.

       In addition, packets time-stamped by different cores might be time-stamped in one order and added to the queue of packets  for  libpcap	to
       read in another order, so time stamps might not be monotonically increasing.

       Some  capture devices on some platforms can provide time stamps for packets; those time stamps are usually high-resolution time stamps, and
       are usually applied to the packet when the first or last bit of the packet arrives, and are thus more accurate than time stamps provided by
       the  host  operating  system.   Those  time stamps might not, however, be synchronized with the host operating system's clock, so that, for
       example, the time stamp of a packet might not correspond to the time stamp of an event on the host triggered by the arrival of that packet.

       Depending on the capture device and the software on the host, libpcap  might  allow  different  types  of  time	stamp  to  be  used.   The
       pcap_list_tstamp_types(3PCAP)  routine  provides,  for  a  packet  capture  handle  created  by pcap_create(3PCAP) but not yet activated by
       pcap_activate(3PCAP), a list of time stamp types supported by the capture device for that handle.  The list might be empty, in  which  case
       no  choice of time stamp type is offered for that capture device.  If the list is not empty, the pcap_set_tstamp_type(3PCAP) routine can be
       used after a pcap_create() call and before a pcap_activate() call to specify the type of time stamp to be used on  the  device.	 The  time
       stamp  types  are  listed  here;  the  first  value  is	the  #define  to  use  in  code,  the  second  value  is  the  value  returned	by
       pcap_tstamp_type_val_to_name() and accepted by pcap_tstamp_name_to_val().

	    PCAP_TSTAMP_HOST - host
		 Time stamp provided by the host on which the capture is being done.  The precision of this time stamp is unspecified; it might or
		 might not be synchronized with the host operating system's clock.

	    PCAP_TSTAMP_HOST_LOWPREC - host_lowprec
		 Time  stamp  provided	by the host on which the capture is being done.  This is a low-precision time stamp, synchronized with the
		 host operating system's clock.

	    PCAP_TSTAMP_HOST_HIPREC - host_hiprec
		 Time stamp provided by the host on which the capture is being done.  This is a high-precision time stamp; it might or	might  not
		 be synchronized with the host operating system's clock.  It might be more expensive to fetch than PCAP_TSTAMP_HOST_LOWPREC.

	    PCAP_TSTAMP_ADAPTER - adapter
		 Time stamp provided by the network adapter on which the capture is being done.  This is a high-precision time stamp, synchronized
		 with the host operating system's clock.

	    PCAP_TSTAMP_ADAPTER_UNSYNCED - adapter_unsynced
		 Time stamp provided by the network adapter on which the capture is being done.  This is a high-precision time stamp;  it  is  not
		 synchronized with the host operating system's clock.

SEE ALSO

       pcap_set_tstamp_type(3PCAP), pcap_list_tstamp_types(3PCAP), pcap_tstamp_type_val_to_name(3PCAP), pcap_tstamp_name_to_val(3PCAP)

								  22 August 2010						    PCAP-TSTAMP(7)
All times are GMT -4. The time now is 07:08 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy