Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

How to extract logs between the current time and the last 15 minutes ?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting How to extract logs between the current time and the last 15 minutes ?
# 1  
Old 05-25-2016
Linux How to extract logs between the current time and the last 15 minutes ?
I want to extract the logs between the current time stamp and 15 minutes before and sent an email to the people configured. I developed the below script but it's not working properly; can someone help me?? I have a log file containing this pattern:

Code:
[2016-05-24T00:58:04.508-04:00] [oim_server1] [TRACE:32] [] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_QuartzSchedulerThread] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21904] [APP: oim#11.1.2.0.0] [SRC_CLASS: oracle.iam.scheduler.impl.quartz.QuartzJob] [SRC_METHOD: <init>] Constructor  QuartzJob
[2016-05-24T00:58:04.508-04:00] [oim_server1] [TRACE:32] [] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_QuartzSchedulerThread] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21904] [APP: oim#11.1.2.0.0] [SRC_CLASS: oracle.iam.scheduler.impl.quartz.QuartzJob] [SRC_METHOD: <init>] Constructor  QuartzJob
[2016-05-24T00:58:04.513-04:00] [oim_server1] [TRACE:32] [] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_Worker-1] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21908] [APP: oim#11.1.2.0.0] [SRC_CLASS: oracle.iam.scheduler.impl.quartz.QuartzTriggerListener] [SRC_METHOD: triggerFired] Trigger state 0
[2016-05-24T00:58:04.515-04:00] [oim_server1] [TRACE:32] [] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_Worker-1] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21908] [APP: oim#11.1.2.0.0] [SRC_CLASS: oracle.iam.scheduler.impl.quartz.QuartzTriggerListener] [SRC_METHOD: triggerFired] Trigger state 0
[2016-05-24T00:58:04.516-04:00] [oim_server1] [TRACE:32] [] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_Worker-1] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21908] [APP: oim#11.1.2.0.0] [SRC_CLASS: oracle.iam.scheduler.impl.quartz.QuartzTriggerListener] [SRC_METHOD: triggerFired] Trigger Listener QuartzTriggerListener.triggerFired(Trigger trigger, JobExecutionContext ctx)
[2016-05-24T01:00:04.513-04:00] [oim_server1] [WARNING] [] [oracle.iam.scheduler.vo] [tid: OIMQuartzScheduler_Worker-7] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21956] [APP: oim#11.1.2.0.0] IAM-1020021 Unable to execute job : CmyAccess Flat File WD Candidate with Job History Id:1336814[[
org.identityconnectors.framework.common.exceptions.ConfigurationException: Directory does not contain normal files to read HR-76
    at org.identityconnectors.flatfile.utils.FlatFileUtil.assertValidFilesinDir(FlatFileUtil.java:230)
    at org.identityconnectors.flatfile.utils.FlatFileUtil.getDir(FlatFileUtil.java:176)
    at org.identityconnectors.flatfile.utils.FlatFileUtil.getFlatFileDir(FlatFileUtil.java:182)
    at org.identityconnectors.flatfile.FlatFileConnector.executeQuery(FlatFileConnector.java:134)
    at org.identityconnectors.flatfile.FlatFileConnector.executeQuery(FlatFileConnector.java:58)
    at org.identityconnectors.framework.impl.api.local.operations.SearchImpl.rawSearch(SearchImpl.java:105)
    at org.identityconnectors.framework.impl.api.local.operations.SearchImpl.search(SearchImpl.java:82)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:93)
    at com.sun.proxy.$Proxy735.search(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:107)
    at com.sun.proxy.$Proxy735.search(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.identityconnectors.framework.impl.api.BufferedResultsProxy$BufferedResultsHandler.run(BufferedResultsProxy.java:162)

The script I have written counts the errors found and stores them in a file with the number; if the error count increases it will run the script and send a mail. I can configure cron for this but the script I have written is not working fine. Can someone help me to extract logs between the current time and the last 15 minutes and generate a temp file?

Code:
LogDir=/data/app/Oracle/Middleware/user_projects/domains/oim_domain/servers/oim_server1/logs
EMAIL1=xxx@gmail.com
SUBJECT=Failed
MESSAGE="Scheduler failed"
SMTP="SMTPHOSTNAME"
SENDER=no-reply@gmail.com



   NOW=$(date +"%FT%T.000%-04:00")
T2=$(date --date='15 minutes ago' +"%FT%T.000%-04:00")
OUT=/tmp/oim_server1-diagnostic_$(date +%F-%H-%M).log


find $LogDir -mmin -15 -name "oim_server1-diagnostic.log" > files.txt

count=0;
if [ -f lastCount ]; then
 count=$(cat lastCount)
fi


while read file
do
        echo "reading file \n " $file
        currentCount=$(grep -c 'Directory does not contain normal files to read HR-76' $file)
        if [  $currentCount -ne $count  -a  $currentCount -ne 0  ];then
                echo "Error Found " $currentCount
               awk -v TSTART="[$T2]" -v TEND="[$NOW]" '$1>=TSTART && $1<=TEND' $LogDir/oim_server1-diagnostic.log > "$OUT"
                                test -s $OUT &&
                                        echo -e "$MESSAGE" | mailx -S smtp="$SMTP" -a "$OUT" -r "$SENDER" -s "$SUBJECT" "$EMAIL1"
                                        rm -f "$OUT"
        fi;
        echo $currentCount > lastCount
done < files.txt

I want to extract all logs between two timestamps. Some lines may not have the timestamp, but I want those lines also. In short, I want every line that falls under two time stamps. This script is giving me log file only have timestamp and rest all the lines are missing any suggestion ??? Please note the start time stamp or end time stamp may not be there in all lines of the log, but I want every line between these two time stamps. Sample generation of above log mentioned by the above script:

Code:
[2016-05-24T00:58:04.508-04:00] [oim_server1] [TRACE:32] [] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_QuartzSchedulerThread] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21904] [APP: oim#11.1.2.0.0] [SRC_CLASS: oracle.iam.scheduler.impl.quartz.QuartzJob] [SRC_METHOD: <init>] Constructor  QuartzJob
[2016-05-24T00:58:04.508-04:00] [oim_server1] [TRACE:32] [] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_QuartzSchedulerThread] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21904] [APP: oim#11.1.2.0.0] [SRC_CLASS: oracle.iam.scheduler.impl.quartz.QuartzJob] [SRC_METHOD: <init>] Constructor  QuartzJob
[2016-05-24T00:58:04.513-04:00] [oim_server1] [TRACE:32] [] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_Worker-1] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21908] [APP: oim#11.1.2.0.0] [SRC_CLASS: oracle.iam.scheduler.impl.quartz.QuartzTriggerListener] [SRC_METHOD: triggerFired] Trigger state 0
[2016-05-24T00:58:04.515-04:00] [oim_server1] [TRACE:32] [] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_Worker-1] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21908] [APP: oim#11.1.2.0.0] [SRC_CLASS: oracle.iam.scheduler.impl.quartz.QuartzTriggerListener] [SRC_METHOD: triggerFired] Trigger state 0
[2016-05-24T00:58:04.516-04:00] [oim_server1] [TRACE:32] [] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_Worker-1] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21908] [APP: oim#11.1.2.0.0] [SRC_CLASS: oracle.iam.scheduler.impl.quartz.QuartzTriggerListener] [SRC_METHOD: triggerFired] Trigger Listener QuartzTriggerListener.triggerFired(Trigger trigger, JobExecutionContext ctx)
[2016-05-24T01:00:04.513-04:00] [oim_server1] [WARNING] [] [oracle.iam.scheduler.vo] [tid: OIMQuartzScheduler_Worker-7] [userId: oiminternal] [ecid: 0000LI6NBsP4yk4LzUS4yW1NBABd000003,1:21956] [APP: oim#11.1.2.0.0] IAM-1020021 Unable to execute job : CmyAccess Flat File WD Candidate with Job History Id:1336814[[

# 2  
Old 05-25-2016
Since your timestamps are in YYYY-MM-HH HH:MM:SS order you can compare dates with simple string comparisons here.

Code:
awk -v FIRST="2016-05-24T00:00:00.000" -v LAST="2016-05-24-T01:00:00.000" '
BEGIN {
        FIRST="["FIRST"-04:00]"
        LAST="["LAST"-04:00]"
}
$1 ~ /[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]/ {
        P=0;
        if(($1 >= FIRST) && ($1 <= LAST)) { P=1; }
}
P' inputfile

# 3  
Old 05-26-2016
@Corona688: Thank you. It solves my purpose.
# 4  
Old 05-26-2016
Hi Puneetkhular,

You can also use sed to achieve this.

Code:
sed -n '/start time/,/endtime/p' logfile
sed -n '/05\/26\/2016 02:41:56/,/05\/26\/2016 02:41:57/p' logfile

hope, this helps.




Moderator's Comments:
Mod Comment Please use code tags as required by forum rules!
Last edited by RudiC; 05-26-2016 at 06:31 AM.. Reason: Added code tags.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Check file creation Time minutes and if file older then 5 minutes execute some stuff

Hello all, Info: System RedHat 7.5 I need to create a script that based on the creation time, if the file is older then 5 minutes then execute some stuff, if not exit. I thought to get the creation time and minutes like this. CreationTime=$(stat -c %y /tmp/test.log | awk -F" " '{ print... (3 Replies)
Discussion started by: charli1
3 Replies

2. UNIX for Beginners Questions & Answers

Searching exception keyword in all logs in last 5 minutes

Hello Folks , I am a new bie to the world of unix , what i am planning to do is the I have the location in server to which i am access through the putty and the location is /mt/ttlog/avccomn/logs/201901/19 and at this location the files are listed as show startjmsnode1.sh_03.out... (7 Replies)
Discussion started by: punpun26262626
7 Replies

3. Shell Programming and Scripting

How to send a file in UNIX through email which is created only 15 minutes before the current time?

I wanted to send an email to the client whenever there is failed record created in a /feed/HR-76/failed folder after processing of feed file. I can find out with the help of below script that what is the new file created but that file didn't make just 15 minutes before. ... (1 Reply)
Discussion started by: puneetkhullar
1 Replies

4. Shell Programming and Scripting

Need help in getting the Last 30 minutes logs from the Log File

I have a log file with the below contents : log_file_updated.txt : Jul 5 03:33:06 rsyslogd: was Jul 5 03:33:09 adcsdb1 rhsmd: This system is registered. Sep 2 02:45:48 adcsdb1 UDSAgent: 2015-07-05 04:24:48.959 INFO Worker_Thread_4032813936 Accepted connection from host <unknown>... (3 Replies)
Discussion started by: rahul2662
3 Replies

5. Shell Programming and Scripting

Extract the last 10 minutes from logfile

Any better way to extract the last 10 minutes from logfile? Dec 18 09:41:18 aaa Dec 18 09:46:29 aa Dec 18 09:48:39 vvv Dec 18 09:48:54 bbb Dec 18 09:54:47 bbb Dec 18 09:55:33 fcf Dec 18 09:55:38 ssdf Dec 18 09:57:58 sdsds Dec 18 09:58:10 sdsd Dec 18 10:00:50 sdsd Dec 18... (5 Replies)
Discussion started by: timmywong
5 Replies

6. UNIX for Dummies Questions & Answers

Adding hours and minutes to current date (Only to date not to time)

Hi, I want to add some hours and minutes to the current date. For example, if the current date is "July 16, 2012 15:20", i want to add 5 hours 30 minutes to "July 16, 2012 00:00" not to "July 16, 2012 15:20". Please help. Thanks! (4 Replies)
Discussion started by: manojgarg
4 Replies

7. Shell Programming and Scripting

Perl - Extract 12 hour time, convert to 24 and subtract 15 minutes?

OK, I am by no means a programmer... I have been given the task to do some automation scripts. I have got most of it working from snippets I have found on the Web. One requirement has me stumped. The initial timing file created by the user is a comma delimited in the following format.... (4 Replies)
Discussion started by: autotuner
4 Replies

8. Shell Programming and Scripting

Reading Hours and Minutes from file and comparing with current

Hi, Time till when the application should run is indicated in a file. First line is hour and second line is minute. file: 10 55 Means my application should run till 10:55. Now in a shell script, i am trying to make that logic but with no luck. min=`tail -n 1 /file_with_time`... (1 Reply)
Discussion started by: SGD
1 Replies

9. UNIX for Advanced & Expert Users

Adding # minutes to current time...

Hi all, Looking for a way to add lets say 10 minutes to the current time output should look like 7:15 AM or 7:15 PM. I know that gdate could do this for me but unfortunately its not available on the system I'm working on. So if any one know any way I can accomplish this using the date command it... (7 Replies)
Discussion started by: gptavares
7 Replies

10. Shell Programming and Scripting

How can I create a file with current time - 60 minutes

I'm using k-shell in unix and I want to create a file with the current system time - 60 minutes. I know I can use touch to create the file, but I'm having trouble specifying how tell it to use the current time less 60 minutes. Any ideas??? (4 Replies)
Discussion started by: DaveyTN
4 Replies
Login or Register to Ask a Question