Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Extracting data from large logs.

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Extracting data from large logs.
# 1  
Old 07-12-2007
Extracting data from large logs.
Hi all,
I have a large log file that gets created daily.

I need to be able to pull text out of the log when I hit a pattern including the 7 lines above it and the 3 lines below and output it to a new text file.

Line 1
Line 2
Line 3
Line 4
Line 5
Line 6
Line 7
Pattern
Line 9
Line 10
Line 11

I've tried using grep, awk and sed but am still a newbie and am having troubles.
Any help would be appreciated.
# 2  
Old 07-12-2007
Well, you could do it in perl by building an array of 11 strings, and push in your lines until your array is full. Then check the 8th string for your pattern. If it doesn't match, pop the first one out, push a new one in, check again. When it does match, print out your array. It's a brute force method, but it should work.

You could do this same concept in awk or sed using buffers.

You might also try grep -p if you can identify a way to divide your lines into paragraphs. For example, if every log entry starts with a line of "++++++" and the text you're searching for is the 8th line of the log entry, do:
grep -p"++++++" "searchstring" logfile

That would be the easiest method.
# 3  
Old 07-12-2007
Thanks for the reply Nick.

The extract I need does have a pattern of "========", but so do all the unwanted sections.

I didn't know I could put multiple lines into a buffer which may be of some help.

If I use the grep method, it will take almost the entire log as output unless I can specify it to only keep the section with the pattern I'm looking for.
# 4  
Old 07-12-2007
That's exactly what the -p option does. Think of it as instead of searching line by line, search section by section, with the section divider being "=======", for whatever. Instead of just printing the one line where the pattern exists, it prints the one section.

If you're having problems getting the sections to break up correctly, try using fgrep -p. You might need to include an entire line of the "=" as the argument to -p to get it to work. I have a log file where the divider is a line of * characters, and I remember having to play around with it for a while until I found the combination that worked.
# 5  
Old 07-12-2007
man your grep and see if there's a -A or -B option.
# 6  
Old 07-13-2007
An awk solution:
Code:
awk '
BEGIN {i=1}
{
vec[i]=$0
i++
if ( $0 ~ /Pattern/ ) {
          for (j=i-8;j<i;j++)
             print vec[j]
          for (j=1;j<=3;j++)
             {
             getline
             print
             }
          i=1
          }
}' file

Last edited by Klashxx; 07-13-2007 at 06:20 AM..
# 7  
Old 07-13-2007
Hi,
My grep has a -b option. No -A -B or -p option exists.

I also used the awk code and it was the closest thing that's worked.... but the output shows.

data
data
data
data
----------------------------------
data
data
data
data
data
data
data
pattern
data
data
data
----------------------------------
data
data
data
data
data
data

That's really close to what I'm looking for.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Programming

C++ help in large data set

Hi All, We are trying to replace a 3rdparty where we don't know how they handled the reader part here. The query below is getting 197 * 2038017 row in the table. In the below code we are trying to run the query and execute in the DB part and fetch and read the record. That is where it is... (1 Reply)
Discussion started by: arunkumar_mca
1 Replies

2. UNIX for Beginners Questions & Answers

Transpose large data in UNIX

Hi I have the following sample of data: my full data dimention is 900,000* 1119 rs987435 C G 1 1 1 0 2 rs345783 C G 0 0 1 0 0 rs955894 G T 1 1 2 2 1 rs6088791 ... (7 Replies)
Discussion started by: marwah
7 Replies

3. Shell Programming and Scripting

Extracting logs using gunzip awk and gzip

Hi All I am trying to use a hard coded script into shell scripting but I am unable to . Kindly find the Script below along with the command Please help gunzip -c FilePath/FileName_*.gz | awk '$0 > "" && $0 < ""'|\ gzip >> FilePath/Outputfile.log.gz I Am trying to use this... (9 Replies)
Discussion started by: pulkitbahl
9 Replies

4. UNIX for Dummies Questions & Answers

Extracting a block of text from a large file using variables?

Hi UNIX Members, I've been tasked with performing the following: Extract a block of data in column form #This data changes each time, therefore automating future procedures Please Note the following: line = reading a line from a file_list that leads to the data The filename is called... (16 Replies)
Discussion started by: Klor
16 Replies

5. UNIX for Dummies Questions & Answers

help in extracting logs in readable format

hello everyone. newbie here in unix. I am trying to extract the logs of a certain job and would like to output it in a readable format, see below the CAT part: cat /var/opt/ctma/ctm/sysout/idwesct_sh30_eng_r6_cdcs_sh.LOG_05l0du_000* | egrep -i 'orderid:|file_name=' | sed... (1 Reply)
Discussion started by: eanne_may
1 Replies

6. Shell Programming and Scripting

Extracting specific lines of data from a file and related lines of data based on a grep value range?

Hi, I have one file, say file 1, that has data like below where 19900107 is the date, 19900107 12 144 129 0.7380047 19900108 12 168 129 0.3149017 19900109 12 192 129 3.2766666E-02 ... (3 Replies)
Discussion started by: Wynner
3 Replies

7. Shell Programming and Scripting

Extracting a portion of data from a very large tab delimited text file

Hi All I wanted to know how to effectively delete some columns in a large tab delimited file. I have a file that contains 5 columns and almost 100,000 rows 3456 f g t t 3456 g h 456 f h 4567 f g h z 345 f g 567 h j k lThis is a very large data file and tab delimited. I need... (2 Replies)
Discussion started by: Lucky Ali
2 Replies

8. UNIX for Dummies Questions & Answers

restrict data from getting written to Logs

$SYBASE/bin/isql -U $DB_USERID -S $DB_SERVER << ! >> $OUTFILE `echo $DB_PASSWD` use $db go Print " The processing" go ! # Extract data to file echo $DB_PASSWD | $SYBASE/bin/bcp $WRK_DB..open out $CONV_DIR/open".csv -t\, -c -U $DB_USERID -S $DB_SERVER -b 1000 | tail -3 I am able to... (0 Replies)
Discussion started by: w020637
0 Replies

9. Shell Programming and Scripting

Awk Help for extracting report from logs

Hi I have a log file, with lines of following kind. ------------------------ 2009-05-15 07:49:42,574 INFO - SqlMapObjectDataDao - select - selectObject - 2 ms 2009-05-15 07:49:42,575 INFO - SqlMapUserDao - select - getUserSystemAdminSuperGroup - 0 ms 2009-05-15 07:49:42,576 INFO -... (3 Replies)
Discussion started by: jitendriya.dash
3 Replies
Login or Register to Ask a Question