grep log lines logged in 10 min


 
# 1  
Old 05-31-2012
grep log lines logged in 10 min

A log file has lines (1 line per log for the majority; 2 lines per log for a few)
PHP Code:
May 31 14:00:11 rtprodapp1 local2:notice sudo:    jdoe TTY=pts/PWD=/home/jdoe USER=root COMMAND=/usr/bin/su -
May 31 14:03:19 rtprodapp1 local2:notice sudo:    jdoe TTY=pts/PWD=/home/jdoe USER=root COMMAND=/usr/bin/su 
How do you grep the lines logged in 10 min?

Please advise.
# 2  
Old 05-31-2012
Do not understand.

Quote:
How do you grep the lines logged in 10 min?
What do you mean by 10 minutes?
Also, with only two lines in a file, hard to understand what you want selected.
# 3  
Old 05-31-2012
Quote:
Originally Posted by Daniel Gate
A log file has lines (1 line per log for the majority; 2 lines per log for a few)
PHP Code:
May 31 14:00:11 rtprodapp1 local2:notice sudo:    jdoe TTY=pts/PWD=/home/jdoe USER=root COMMAND=/usr/bin/su -
May 31 14:03:19 rtprodapp1 local2:notice sudo:    jdoe TTY=pts/PWD=/home/jdoe USER=root COMMAND=/usr/bin/su 
How do you grep the lines logged in 10 min?

Please advise.
Something like this? Check if the time duration of the next line is not longer than 10 minutes or 601 secs apart?

Code:
awk '{ getline a    { # first get next line
    split(a[3],t1,":")  #split hh:mm:ss
    split($3,t2,":") 
    t_first=t2[1]*3600 + t2[2]*60 + t2[3] # convert time into seconds
    t_next=t1[1]*3600 + t1[2]*60 + t1[3]
    duration=(t_next-t_first) # get the difference
    {if($1 ~ a[1] && $2 ~ a[2] && duration<601) print $0; a} # check if the date is the same and the duration not more than 601 seconds apart
    }}' logfile > outfile

# 4  
Old 06-01-2012
PHP Code:
awk '{ getline a    { 
>     split(a[3],t1,":") 
>     split($3,t2,":") 
>     t_first=t2[1]*3600 + t2[2]*60 + t2[3] 
>     t_next=t1[1]*3600 + t1[2]*60 + t1[3]
>     duration=(t_next-t_first) # get the difference
>     {if($1 ~ a[1] && $2 ~ a[2] && duration<601) print $0; a} 
>     }}' 
mylog
 Syntax Error The source line is 1.
 The error context is
                
getline a    >>>  { <<< 
 
awk0602-502 The statement cannot be correctly parsedThe source line is 1.
 Syntax Error The source line is 8. 
It complains about the parse.

Please advise.
# 5  
Old 06-04-2012
@ Daniel_Gate

Sorry, needed to rewrite the script, hope this will fit your needs. It will check if the next logged line is not more than 10 minutes or 600 seconds apart. Store the script into a script file:

Code:
awk -f check_log_time.awk logfile >outfile

Code:
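    # check_log_time.awk: print each line logged within 600 s of the previous line on the same date
    BEGIN { mon = "dummy"; d = 0; t2 = 0 }
    {
        split($3, t1, ":")                    # $3 is hh:mm:ss
        t = 3600*t1[1] + 60*t1[2] + t1[3]     # time of day in seconds
        t3 = t - t2                           # gap to the previous line
        # exact comparison of month and day, so that day 3 does not match day 31
        if ($1 == mon && $2 == d && t3 < 601)
            print "Difference to previous line sec: " t3 "\n" $0   # newline, not carriage return
        mon = $1; d = $2; t2 = t              # remember this line for the next comparison
    }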
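
A different reading of the question, as an added example that is not part of the original thread: keep every entry stamped inside a 10-minute window after a given start time, and carry the second line of a two-line entry along with its first line. The names `window_lines` and `sample_log` are hypothetical, the sample log is constructed in the format of post #1, and the code assumes that a continuation line does not begin with a timestamp and that the window does not cross midnight.

```shell
#!/bin/sh
# Added example (not from the thread).
# Usage: window_lines MON DAY HH:MM:SS [SECONDS] < logfile
# Prints entries with START <= time < START+SECONDS on the given date (default 600 s).
window_lines() {
    awk -v mon="$1" -v day="$2" -v start="$3" -v win="${4:-600}" '
    # hh:mm:ss to seconds since midnight
    function secs(hms,   p) { split(hms, p, ":"); return 3600*p[1] + 60*p[2] + p[3] }
    BEGIN { s = secs(start) }
    # A new entry starts with "Mon DD hh:mm:ss". Any other line is treated as the
    # continuation of the previous entry and inherits its keep/drop decision.
    $1 ~ /^[A-Z][a-z][a-z]$/ && $3 ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9]$/ {
        t = secs($3)
        # Month compared as a string, day as a number (so 3 never matches 31).
        keep = ($1 == mon && ($2 + 0) == (day + 0) && t >= s && t < s + win)
    }
    keep
    '
}

# Constructed sample data in the format shown in post #1.
sample_log() {
cat <<'EOF'
May  3 14:05:00 rtprodapp1 local2:notice sudo:    jdoe TTY=pts/PWD=/home/jdoe USER=root COMMAND=/usr/bin/su -
May 31 13:49:59 rtprodapp1 local2:notice sudo:    jdoe TTY=pts/PWD=/home/jdoe USER=root COMMAND=/usr/bin/su -
May 31 14:00:11 rtprodapp1 local2:notice sudo:    jdoe TTY=pts/PWD=/home/jdoe USER=root COMMAND=/usr/bin/su -
May 31 14:03:19 rtprodapp1 local2:notice sudo:    jdoe TTY=pts/PWD=/home/jdoe USER=root
    COMMAND=/usr/bin/su
May 31 14:10:00 rtprodapp1 local2:notice sudo:    jdoe TTY=pts/PWD=/home/jdoe USER=root COMMAND=/usr/bin/su -
Jun  3 14:05:00 rtprodapp1 local2:notice sudo:    jdoe TTY=pts/PWD=/home/jdoe USER=root COMMAND=/usr/bin/su -
EOF
}

# sudo entries logged on May 31 from 14:00:00 up to, but not including, 14:10:00
sample_log | window_lines May 31 14:00:00 600
```

For a real file, redirect it into the function, for example `window_lines May 31 14:00:00 < logfile > outfile`.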
