Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

awk : Search for text between two time frame (12 hours)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting awk : Search for text between two time frame (12 hours)
# 15  
Old 11-21-2013
Appreciate your help, My expectation to collect all data's within two time frame from the logs files

Code:
$ awk -f dconv2.awk data
$

Details in the logs files

Code:
$ more data
####<Nov 19, 2013 7:10:04 PM UTC> TimedOutException <Test-hostname>
outofmemory
test
foo
####<Nov 19, 2013 7:29:04 PM UTC> RRTUCKR <Test-hostname>
ABC
OutofMemory
####<Nov 19, 2013 7:35:04 PM UTC> RRSTUCKR <Test-hostname>
####<Nov 19, 2013 8:19:04 PM UTC> TimedOutException <Test-hostname>
        at outofmemory
        at test
        at foo
####<Nov 19, 2013 8:29:04 PM UTC> RRTUCKR <Test-hostname>
ABC
OutofMemory
####<Nov 19, 2013 8:35:04 PM UTC> RRSTUCKR <Test-hostname>
####<Nov 19, 2013 9:10:04 PM UTC> TimedOutException <Test-hostname>
outofmemory
test
foo
####<Nov 19, 2013 9:29:04 PM UTC> RRTUCKR <Test-hostname>
ABC
OutofMemory
####<Nov 19, 2013 9:35:04 PM UTC> RRSTUCKR <Test-hostname>
$


The following command collecting the previous log details as well ... from time is mentioned as 20:10 but its collecting from beginning to till 'to'

Code:
$ awk -f dconv2.awk 'from=2013 11 19 20 10 00' 'to=2013 11 19 21 00 49' data
####<Nov 19, 2013 7:10:04 PM UTC> TimedOutException <Test-hostname>
outofmemory
test
foo
####<Nov 19, 2013 7:29:04 PM UTC> RRTUCKR <Test-hostname>
ABC
OutofMemory
####<Nov 19, 2013 7:35:04 PM UTC> RRSTUCKR <Test-hostname>
####<Nov 19, 2013 8:19:04 PM UTC> TimedOutException <Test-hostname>
        at outofmemory
        at test
        at foo
####<Nov 19, 2013 8:29:04 PM UTC> RRTUCKR <Test-hostname>
ABC
OutofMemory
####<Nov 19, 2013 8:35:04 PM UTC> RRSTUCKR <Test-hostname>
$

# 16  
Old 11-21-2013
It gives this output on my system:

Code:
$ awk -f dconv2.awk 'from=2013 11 19 20 10 00' 'to=2013 11 19 21 00 49' data

####<Nov 19, 2013 8:19:04 PM UTC> TimedOutException <Test-hostname>
outofmemory
test
foo
####<Nov 19, 2013 8:29:04 PM UTC> RRTUCKR <Test-hostname>
ABC
OutofMemory
####<Nov 19, 2013 8:35:04 PM UTC> RRSTUCKR <Test-hostname>

$

Try nawk if its misbehaving on yours.
# 17  
Old 11-21-2013
I have tried different linux servers but all are showing the same output... Installing nawk again its little pain to get the approval on Prod.

I'm using the same dconv2.awk which you provided me...I hope no difference...

Code:
more dconv2.awk
BEGIN {
        FS="[#<> ,:]+"
        # Build tables so MON["Jan"] becomes 1, etc.
        split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", M);
        for(X in M) MON[M[X]]=X
        for(X=1; X<=11; X++) { T[X"AM"]=X ; T[X"PM"]=X+12 }
        T["12PM"]=12;        T["12AM"]=24;
}

{
        YYMMDD=sprintf("%04d %02d %02d %02d %02d %02d",
                $4, MON[$2], $3, T[$5 $8], $6, $7);
        A[++LINE]=$0
}

/####/ {
        S=E
        E=YYMMDD

        if((S >= from) && (E >= from) && (S <= to) && (E <= to))
        {
                for(X=1; X<=LINE; X++) print A[X];
                LINE=0
        }
}

# 18  
Old 11-21-2013
It really does appear exactly the same.

You don't need nawk in Linux, the default on most systems is GNU awk anyway which is more than good enough. Some systems have mawk instead which is pretty good these days too, but you can force it to use GNU awk with gawk.

Perhaps your data isn't exactly as you've posted. Maybe alter the FS line into FS="[#<> ,:\t]+" in case your text includes literal tabs. If that doesn't work could you attach a file rather than pasting it please?
# 19  
Old 11-21-2013
PFA , Thanks for your help.
Log details.txt (4.8 KB) 
# 20  
Old 11-22-2013
From the way you pasted other text into the file it certainly looks like you assembled this text file via pasting too. It looks full of things which might have been raw tabs once but certainly aren't now. Did you try my suggestion?
# 21  
Old 11-22-2013
Hmmm. You might try changing this line:

Code:
{
        YYMMDD=sprintf("%04d %02d %02d %02d %02d %02d",
                $4, MON[$2], $3, T[$5 $8], $6, $7);
        if((S >= from) && (S <= to)) A[++LINE]=$0
}

Again though, having no data which demonstrates the problem, I am totally wild-guessing here.
This User Gave Thanks to Corona688 For This Post:
zenkarthi
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Need to filter the result set within 2 time frame

my sample file is like this $cat onefile 05/21/18 13:10:07 ABRT US1CPDAY Status 1 05/21/18 21:18:54 ABRT DailyBackup_VFFPRDAPENTL01 Status 6 05/21/18 21:26:24 ABRT DailyBackup_VFFPRDAPENTL02 Status 6 05/21/18 21:57:36 ABRT DailyBackup_vm-ea1ffpreng01 Status 6... (7 Replies)
Discussion started by: gotamp
7 Replies

2. Shell Programming and Scripting

Help on script to capture info on log file for a particular time frame

Hi I have a system running uname -a Linux cmovel-db01 2.6.32-38-server #83-Ubuntu SMP Wed Jan 4 11:26:59 UTC 2012 x86_64 GNU/Linux I would like to capture the contents of /var/log/syslog from 11:00AM to 11:30AM and sent to this info via email. I was thinking in set a cron entry at that... (2 Replies)
Discussion started by: fretagi
2 Replies

3. Shell Programming and Scripting

Awk:String search more than one time and capture OP

Dear All During one of mine script developemnt i am stuch at one sub part. Requiremnt is as below kindly help me. IP file: 2015-02-28 10:10:15 AL M UtranCell UtranCell=RTE001X (unavailable) 2015-02-28 10:10:15 AL M UtranCell UtranCell=RTE001Y (unavailable) 2015-02-28 10:10:15 AL M... (6 Replies)
Discussion started by: jaydeep_sadaria
6 Replies

4. UNIX for Dummies Questions & Answers

UNIX Account getting Locked Everyday between same Time Frame

I am facing an Issue with a particular Unix Account ( ie a particular Userid) getting LOCKED everyday between 7:30am and 8:00am. The Password associated with this particular Account has been setup such that it should never Expire at all but it does LOCK the Account after more than 3 failed... (5 Replies)
Discussion started by: pchegoor
5 Replies

5. Shell Programming and Scripting

awk : collecting all data between two time frame

Hi Experts , I need your help to collect the complete data between two time frame from the log files, when I try awk it's collecting the data only which is printed with time stamp for example, awk works well from "16:00 to 17:30" but its not collecting <line*> "from 17:30 to 18:00" ... (8 Replies)
Discussion started by: zenkarthi
8 Replies

6. Shell Programming and Scripting

Log search and mail it if the log is updated before 24 hours from the current time

Hi , We have around 22 logs , each has different entries. I have to automate this using shell script. The ideas which am sharing is given below 1) We use only TAIL -100 <location and name of the log> Command to check the logs. 2) We want to check whether the log was updated before 24... (13 Replies)
Discussion started by: Kalaihari
13 Replies

7. Shell Programming and Scripting

Perl : unable to frame code with Business:Hours module with example

Hi all , There are two datetimes in the below format $datetime1="2007-12-31 16:50:00"; $datetime2="2008-1-1 04:24:00"; I need to calculate time in minutes only in between the office hours.(08:00 to 18:00 ). in PERL. For the above requirement I found a module Business::Hours that... (4 Replies)
Discussion started by: scriptscript
4 Replies

8. Shell Programming and Scripting

Search for text between two time frame using sed

I have log files with time stamps. I want to search for text between two time stamp using sed even if the first tme stamp or the last time stamp are not present. For e.g. if i search between 9:30 and 9:40 then it should return text even if 9:30 or 9:40 is not there but between 9:30 and 9:40 is... (8 Replies)
Discussion started by: Azher
8 Replies

9. Shell Programming and Scripting

Shell Script to delete files within a particular time frame under multiple sub folders

Greetings! I'm looking for starting information for a shell script. Here's my scenario: I have multiple folders(100) for example: /www/test/applications/app1/logs /www/test/applications/app2/logs Within these folders there are log files files that need to be deleted after a month. ... (3 Replies)
Discussion started by: whysolucky
3 Replies

10. Shell Programming and Scripting

search string during a specific time frame

Can someone please help me with searching a string during a specific time frame. Below is the format of the time from my log file. "GET /AAM2009_wherewereheaded.wmv HTTP/1.1" 200 52307085 The search string I need is "AAM2009_wherewereheaded.wmv" I need to search the number of... (1 Reply)
Discussion started by: tadi18
1 Replies
Login or Register to Ask a Question