Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

sed 2 hours in log

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting sed 2 hours in log
# 15  
Old 02-13-2013
Good morning,

It's OK

I began to be embarrassed to ask questions constantly but :
1 - how redirect the output to another file instead of standard output.
2 - Sorry, I forgot the bracket in the pattern 24/01/2013 10:10 which becomes [24/01/2013 10:10]
I try things but the cure is worse than the problem itself.
Thanks in advance for yours invaluable help.

Code:
vi test

Code:
file=$1
if [ -f $file.gz ]
     then command="gunzip -c"
     else command=cat
fi
$command $file | awk -F"[/ ]" -v S="24/01/2013 10:10" -v E="24/01/2013 10:30" '
function dcmp(b) {
  if($3>b[3])return  1;
  if($3<b[3])return -1;
  if($2>b[2])return  1;
  if($2<b[2])return -1;
  if($1>b[1])return  1;
  if($1<b[1])return -1;
  if($4>b[4])return  1;
  if($4<b[4])return -1;
  return 0;
}
BEGIN{split(S, ds, "[/ ]"); split(E, de, "[/ ]") }
/^[0-9][0-9]\/[0-1][0-9]\/[0-9][0-9][0-9][0-9] / {
   if(s&&dcmp(de)>=0) {print; exit}
   if(!s&&dcmp(ds)<=0) {f=x;w=1}
   if(!s&&dcmp(ds)>=0) {printf "%s",f; f=x; s=1 }
}
!w&&!s {f=f $0 "\n"}
s

.
.
.
Last edited by amazigh42; 02-13-2013 at 06:15 AM..
# 16  
Old 02-13-2013
You miss the closing ' at the very end!
An exercise:
Code:
echo '
this
is
a
multiline
string'

And
Code:
echo '
line1
line2' > newfile

# 17  
Old 02-13-2013
Quote:
Originally Posted by MadeInGermany
You miss the closing ' at the very end!
An exercise:
Code:
echo '
this
is
a
multiline
string'

And
Code:
echo '
line1
line2' > newfile

Thanks MadeInGermany for your reply to my first question, can you answer my second question above because i'm drowned Smilie In fact there is bracket around the date [24/01/2013 10:10]
# 18  
Old 02-14-2013
Code:
file=$1
if [ -f $file.gz ]
     then command="gunzip -c"
     else command=cat
fi
$command $file | awk -F"[/ ]" -v S="24/01/2013 10:10" -v E="24/01/2013 10:30" '
function dcmp(b) {
  if($3>b[3])return  1;
  if($3<b[3])return -1;
  if($2>b[2])return  1;
  if($2<b[2])return -1;
  if($1>b[1])return  1;
  if($1<b[1])return -1;
  if($4>b[4])return  1;
  if($4<b[4])return -1;
  return 0;
}
BEGIN { split(S, ds, "[/ ]"); split(E, de, "[/ ]") }
/^\[?[0-9][0-9]\/[0-1][0-9]\/[0-9][0-9][0-9][0-9] / {
   sub("^\[",""); sub("\]$","");
   if(s&&dcmp(de)>=0) {print; exit}
   if(!s&&dcmp(ds)<=0) {f=x;w=1}
   if(!s&&dcmp(ds)>=0) {printf "%s",f; f=x; s=1 }
}
!w&&!s {f=f $0 "\n"}
s'

The awk 'script' is modified: ^\[? in the implicit if clause accepts a [ at the beginning of the line. The sub statements strip off a leading [ and a trailing ] so the rest of the awk script should work as before.
# 19  
Old 02-15-2013
Quote:
Originally Posted by MadeInGermany
Code:
file=$1
if [ -f $file.gz ]
     then command="gunzip -c"
     else command=cat
fi
$command $file | awk -F"[/ ]" -v S="24/01/2013 10:12" -v E="24/01/2013 10:28" '
function dcmp(b) {
  if($3>b[3])return  1;
  if($3<b[3])return -1;
  if($2>b[2])return  1;
  if($2<b[2])return -1;
  if($1>b[1])return  1;
  if($1<b[1])return -1;
  if($4>b[4])return  1;
  if($4<b[4])return -1;
  return 0;
}
BEGIN { split(S, ds, "[/ ]"); split(E, de, "[/ ]") }
/^\[?[0-9][0-9]\/[0-1][0-9]\/[0-9][0-9][0-9][0-9] / {
   sub("^\[",""); sub("\]$","");
   if(s&&dcmp(de)>=0) {print; exit}
   if(!s&&dcmp(ds)<=0) {f=x;w=1}
   if(!s&&dcmp(ds)>=0) {printf "%s",f; f=x; s=1 }
}
!w&&!s {f=f $0 "\n"}
s'

The awk 'script' is modified: ^\[? in the implicit if clause accepts a [ at the beginning of the line. The sub statements strip off a leading [ and a trailing ] so the rest of the awk script should work as before.
Hello,
It doesn't work with the above modifications Smilie
The script returns errors code.

I remember that with the initial conditions and these hours (10:12 and 10:28), i should have this display

[24/01/2013 10:10]
uuuuuuuuuuuuuuu
jjjjjjjjjjjjjj
llllllllllllll
mmmmmmmmmmmmm
[24/01/2013 10:30]

With these hours (10:30 and 10:47), i should have this display

[24/01/2013 10:30]
oooooooooooo
sssssssssssss
qqqqqqqqqqq
[24/01/2013 10:45]
vvvvvvvvv
sssssssss
wwwwwwwwww


With these hours (09:05 and 10:15), i should have thisdisplay

error jonas
aaaaaaaaaaaaaa
bbbbbbbbbbbbb
cccccccccccc
[24/01/2013 09:10]

I catch my breath.
Thank you for all.
Code:
./my_script server.log

The input file is
Code:
 cat server.log

Code:
error jonas
aaaaaaaaaaaaaa
bbbbbbbbbbbbb
cccccccccccc
[24/01/2013 09:10]
sssssssssssssss
cccccccccccccc
nnnnnnnnnnnnn
[24/01/2013 10:10]
uuuuuuuuuuuuuuu
jjjjjjjjjjjjjj
llllllllllllll
mmmmmmmmmmmmm
[24/01/2013 10:30]
oooooooooooo
sssssssssssss
qqqqqqqqqqq
[24/01/2013 10:45]
vvvvvvvvv
sssssssss
wwwwwwwwww

# 20  
Old 02-17-2013
This should correct the "[" and "]" chars around the data and time line.

Code:
file=$1
if [ -f $file.gz ]
     then command="gunzip -c"
     else command=cat
fi
$command $file | awk -F"[/ \\\][]" -vS="24/01/2013 10:12" -vE="24/01/2013 10:28" '
function dcmp(b) {
  if($4>b[3])return  1;
  if($4<b[3])return -1;
  if($3>b[2])return  1;
  if($3<b[2])return -1;
  if($2>b[1])return  1;
  if($2<b[1])return -1;
  if($5>b[4])return  1;
  if($5<b[4])return -1;
  return 0;
}
BEGIN{split(S, ds, "[/ ]"); split(E, de, "[/ ]") }
/^[[][0-9][0-9]\/[0-1][0-9]\/[[0-9][0-9][0-9][0-9] / {
   if(s&&dcmp(de)>=0) {print; exit}
   if(!s&&dcmp(ds)<=0) {f=x;w=1}
   if(!s&&dcmp(ds)>=0) {printf "%s",f; f=x; s=1 }
}
!w&&!s {f=f $0 "\n"}
s'

Can you explain your start+stop times criteria some more:

hours (10:12 and 10:28) Why does this start printing and 10:10, isn't that before the start time?

hours (09:05 and 10:15) why does it stop at 09:10?
This User Gave Thanks to Chubler_XL For This Post:
amazigh42
# 21  
Old 02-18-2013
Quote:
Originally Posted by Chubler_XL
This should correct the "[" and "]" chars around the data and time line.

Code:
file=$1
if [ -f $file.gz ]
     then command="gunzip -c"
     else command=cat
fi
$command $file | awk -F"[/ \\\][]" -vS="24/01/2013 10:12" -vE="24/01/2013 10:28" '
function dcmp(b) {
  if($4>b[3])return  1;
  if($4<b[3])return -1;
  if($3>b[2])return  1;
  if($3<b[2])return -1;
  if($2>b[1])return  1;
  if($2<b[1])return -1;
  if($5>b[4])return  1;
  if($5<b[4])return -1;
  return 0;
}
BEGIN{split(S, ds, "[/ ]"); split(E, de, "[/ ]") }
/^[[][0-9][0-9]\/[0-1][0-9]\/[[0-9][0-9][0-9][0-9] / {
   if(s&&dcmp(de)>=0) {print; exit}
   if(!s&&dcmp(ds)<=0) {f=x;w=1}
   if(!s&&dcmp(ds)>=0) {printf "%s",f; f=x; s=1 }
}
!w&&!s {f=f $0 "\n"}
s'

Can you explain your start+stop times criteria some more:

hours (10:12 and 10:28) Why does this start printing and 10:10, isn't that before the start time?

hours (09:05 and 10:15) why does it stop at 09:10?
Sorry for my written english.
Thank you to everyone who helped me out of trouble Smilie

I picked any random hours
In the logs there is the stamp time of webservices, i can see the behavior or errors of webservices. Just put the approximate times in order to have a portion of the log. This could also handle errors when the script does not find the right hour.
Can you exactly explain the red tag above [/ \\\][]
I wish I had a hundredth of your knowledge.
Last edited by amazigh42; 02-18-2013 at 03:31 PM..
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Parsing log file for last 2 hours

I want to parse a log file which i am grepping root user connection but is showing whole day and previous day detail as well. First i want to see last 2 hours log file then after that i want to search particular string. Lets suppose right now its 5:00PM, So i want to see the log of 3:00PM to... (6 Replies)
Discussion started by: learnbash
6 Replies

2. Shell Programming and Scripting

Log search and mail it if the log is updated before 24 hours from the current time

Hi , We have around 22 logs , each has different entries. I have to automate this using shell script. The ideas which am sharing is given below 1) We use only TAIL -100 <location and name of the log> Command to check the logs. 2) We want to check whether the log was updated before 24... (13 Replies)
Discussion started by: Kalaihari
13 Replies

3. Shell Programming and Scripting

Need help looking for missing hours.

I have a file that should cover a days worth of stats, at the beginning of each 15 minute report I have a unique header that looks like the below example. The "0000" and "0015" will change in the header line to show which 15 Minute interval the report is covering and of course from day to day the... (7 Replies)
Discussion started by: fsanchez
7 Replies

4. Shell Programming and Scripting

ps -ef |grep 24 hours

I need to grep PIDs older than 24 hours (1 day) or more. ps -ef |grep ??? Please advise. (10 Replies)
Discussion started by: Daniel Gate
10 Replies

5. AIX

cron off by 5 hours

stupid question im sure, but its frustrating My cron jobs are off by 5 hours. My system time is right but all of my cron jobs are running approximately 5 hours late. Any idea why? (4 Replies)
Discussion started by: mshilling
4 Replies

6. Shell Programming and Scripting

CurrentTime-4 hours

Hi, Good Afternoon! I am writing this script on "sh" and have Variables as below. #Time in hours ex: 09 JobTime=`echo $StartTime |awk '{print $2}'|cut -f1 -d':'` SystemHours=`date +%H` How can go 4 hours back for each variable in a day? Another Question? JobStat=`dsjob -report... (5 Replies)
Discussion started by: rajubollas
5 Replies

7. What is on Your Mind?

How Many hours on Computer?

How many hours you spend on Computer in a day??? (10 Replies)
Discussion started by: malcomex999
10 Replies

8. Shell Programming and Scripting

how to list files between last 6 hours to 3 hours

Hi Frens, I want to list some files from a directory, which contains "DONE" in their name, i am receiving files every minute. In this i want to list all the files which are newer than 6 hours but older than 3 hours, of current time i dont want my list to contain the latest files which are ... (4 Replies)
Discussion started by: Prat007
4 Replies

9. Shell Programming and Scripting

Last 24 hours of a log file

I'm looking to pull the last 24 hours of a log file. Here's what I've got so far: yesterday=$(TZ=$TZ+24 date +"%b %e %H:%M") today=$(date +"%b %e %H:%M") echo $yesterday $today grep -E "^$yesterday|^$today" /var/adm/syslog/syslog.log But that pulls everything from $yesterday from... (1 Reply)
Discussion started by: Bert
1 Replies

10. Shell Programming and Scripting

move log files over 12 hours old...

Hi, I know I can use touch and find's "! -newer" option to list files that are older than a specific time, but what is a good way to get a list of files that are over 12 hours old? The log pruner will run throughout the day, twice an hour. So I can't easily use a cronjob touch command to generate... (1 Reply)
Discussion started by: Thomas Pluck
1 Replies
Login or Register to Ask a Question