Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Collecting logs between two time stamps
Top Forums Shell Programming and Scripting Collecting logs between two time stamps Post 302939883 by jerryknj on Monday 30th of March 2015 02:51:03 PM
Old 03-30-2015
Thank you...

Yes, I gave him sample output to understand the date field.

please correct me, the below script not helping to get my excepted output...

Code:
#log
log1=/app/applicationdir/log/test.log

# Time stamp
to=`date "+%Y-%m-%d %H:%M:%S"`
from=`date "+%Y-%m-%d %H:%M:%S" -d "-20 minutes"`

#echo $from

awk -F, '
function dform(v){
                    gsub(/[-:]/," ",v)
                    return mktime(v)
                 }
           NR==1 {
                    start = dform(start)
                     end  = dform(end)
                 }
    dform($10)!=-1{
                    f = dform($10)>=start && dform($10) <= end ? 1 : 0
                 }f
        ' start="$from" end="$to" $log1 > /tmp/xyzlog.txt

 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

comparing time stamps

Hello All, I'm generating timestamps (file creation timestamps) for all the files in a directory. I need to compare all the timestamps. for example if i have 4 files and their timestamps are 20091125114556, 20091125114556,20091125114556,20091125114556 respectively. I need to differentiate... (1 Reply)
Discussion started by: RSC1985
1 Replies

2. Shell Programming and Scripting

comparing time stamps

Hello All, I'm generating timestamps (file creation timestamps) for all the files in a directory. I need to compare all the timestamps. for example if i have 4 files and their timestamps are 20091125114556, 20091125114556,20091125114556,20091125114556 respectively. I need to differentiate... (9 Replies)
Discussion started by: RSC1985
9 Replies

3. Red Hat

Collecting logs by running command

Hi, i am a general user of linux but we work mostly on windows next i am moving full time on linux. here is my question: We have product which consist or several subsystem each subsystem has one module to create logs file dump. and i am going to write that support dump tool. we need to... (3 Replies)
Discussion started by: ajayyadavmca
3 Replies

4. Shell Programming and Scripting

Time difference between two time stamps

Hi Friends, I have 2 varaibles which contain START=`date '+ %m/%d/%y %H:%M:%S'` END=`date '+ %m/%d/%y %H:%M:%S'` i want the time difference between the two variables in Seconds. Plz help. (2 Replies)
Discussion started by: i150371485
2 Replies

5. Shell Programming and Scripting

date time stamps in bash

I'm looking for a way to have the "date" command output the date in a specific format. I'm not familiar with the different ways to use the date command at all. i read up on it, but i dont get how to manipulate it. i know that i can get the date format to give me a format like: 2012-10-13... (6 Replies)
Discussion started by: SkySmart
6 Replies

6. Shell Programming and Scripting

Increment time stamps.

Hi Gents. Please can you help me to solve a problem. I have a long list of files, which I need to change the time stamp. -r--r--r-- 1 geo2 geovect 47096216 Feb 8 10:40 00000009.segd -r--r--r-- 1 geo2 geovect 47096216 Feb 8 10:40 00000010.segd -r--r--r-- 1 geo2 geovect 47096216 Feb ... (11 Replies)
Discussion started by: jiam912
11 Replies

7. Shell Programming and Scripting

How to get the Logs between two Time Stamps?

Hi, I have been working on the error Log script, where errors are pulled from server. I need to pull the data of the error logs between two dates & time, for example : 22/12/2014 20:00:00 22/12/2014 22:00:00 Whatever error have came during this duration. Now the question is the record... (6 Replies)
Discussion started by: amitgpta90
6 Replies

8. Windows & DOS: Issues & Discussions

Cygwin_openssh time stamps

I've installed cygwin_openssh on Windows 2012 R2 and it's working great. My issue is when a file is uploaded say from a different timezone, when it is uploaded, it doesnt pick up the sftp servers time.. Is there a way to fix that? i.e. When someone in PST uploads a file to this server in EST,... (0 Replies)
Discussion started by: MikeAdkins
0 Replies

9. UNIX for Advanced & Expert Users

Syslog-ng not working not collecting logs on rhel

Hi, I need help on syslog-ng on RHEL 7.2. It is working as expected. As per configuration, it is supposed to create authlog, messages and xymessages daily in respective folder of date. But I can see only messages file and that is also not updating well. # ps -ef | grep -i syslog root 22954... (1 Reply)
Discussion started by: solaris_1977
1 Replies

LEARN ABOUT CENTOS

auvirt

AUVIRT(8)						  System Administration Utilities						 AUVIRT(8)

NAME

       auvirt - a program that shows data related to virtual machines

SYNOPSIS

       auvirt [ OPTIONS ]

DESCRIPTION

       auvirt  shows  a  list of guest sessions found in the audit logs. If a guest is specified, only the events related to that guest is consid-
       ered. To specify a guest, both UUID or VM name can be given.

       For each guest session the tool prints a record with the domain name, the user that started the guest, the time when the guest was  started
       and the time when the guest was stoped.

       If  the	option	"--all-events"	is given a more detailed output is shown. In this mode other records are shown for guest's stops, resource
       assignments, host shutdowns and AVC and anomaly events. The first field indicates the event type and can have the following values:  start,
       stop, res, avc, anom and down (for host shutdowns).

       Resource  assignments have the additional fields: resource type, reason and resource. And AVC records have the following additional fields:
       operation, result, command and target.

       By default, auvirt reads records from the system audit log file. But --stdin and --file options can be specified to change this behavior.

OPTIONS

       --all-events
	      Show records for all virtualization related events.

       --debug
	      Print debug messages to standard output.

       -f, --file file
	      Read records from the given file instead from the system audit log file.

       -h, --help
	      Print help message and exit.

       --proof
	      Add after each event a line containing all the identifiers of the audit records used to calculate the event.  Each  identifier  con-
	      sists of unix time, milliseconds and serial number.

       --show-uuid
	      Add the guest's UUID to each record.

       --stdin
	      Read records from the standard input instead from the system audit log file.  This option cannot be specified with --file.

       --summary
	      Print  a	summary  with  information  about the events found. The summary contains the considered range of time, the number of guest
	      starts and stops, the number of resource assignments, the number of AVC and anomaly events, the number of  host  shutdowns  and  the
	      number of failed operations.

       -te, --end [end-date] [end-time]
	      Search for events with time stamps equal to or before the given end time. The format of end time depends on your locale. If the date
	      is omitted, today is assumed. If the time is omitted, now is assumed. Use 24 hour clock time rather than AM or PM to  specify  time.
	      An example date using the en_US.utf8 locale is 09/03/2009. An example of time is 18:00:00. The date format accepted is influenced by
	      the LC_TIME environmental variable.

	      You may also use the word: now, recent, today, yesterday, this-week, week-ago, this-month,  this-year.  Today  means  starting  now.
	      Recent  is  10 minutes ago. Yesterday is 1 second after midnight the previous day.  This-week means starting 1 second after midnight
	      on day 0 of the week determined by your locale (see localtime). This-month means 1 second after midnight on  day	1  of  the  month.
	      This-year means the 1 second after midnight on the first day of the first month.

       -ts, --start [start-date] [start-time]
	      Search  for events with time stamps equal to or after the given end time. The format of end time depends on your locale. If the date
	      is omitted, today is assumed. If the time is omitted, midnight is assumed. Use 24 hour clock time rather than AM or  PM  to  specify
	      time.  An example date using the en_US.utf8 locale is 09/03/2009. An example of time is 18:00:00. The date format accepted is influ-
	      enced by the LC_TIME environmental variable.

	      You may also use the word: now, recent, today, yesterday, this-week, this-month, this-year.  Today means starting at 1 second  after
	      midnight.  Recent is 10 minutes ago. Yesterday is 1 second after midnight the previous day.  This-week means starting 1 second after
	      midnight on day 0 of the week determined by your locale (see localtime). This-month means 1 second after midnight on day	1  of  the
	      month. This-year means the 1 second after midnight on the first day of the first month.

       -u, --uuid  UUID
	      Only show events related to the guest with the given UUID.

       -v, --vm  name
	      Only show events related to the guest with the given name.

EXAMPLES

       To see all the records in this month for a guest

       auvirt --start this-month --vm GuestVmName --all-events

SEE ALSO

       aulast(8), ausearch(8), aureport(8).

AUTHOR

       Marcelo Cerri

IBM Corp							     Dec 2011								 AUVIRT(8)
All times are GMT -4. The time now is 11:24 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy