11-19-2009, 01:45 AM   #1
How to search logs between two timestamps in a log file.

The requirement was to write a shell script for a cron job set for every two hours for all days.
The script has to scan log files (*.log) for the logs posted only for the last two hours... and append them in a new file.

The log file content appears as below:


INFO 21 Oct 09 15:44:48 net.oit.utils.JmsReceiver - JMS Opened
DEBUG 21 Oct 09 15:44:48 net.oit.excite.mbeans.OutBound - Registered JMS listener
INFO 21 Oct 09 15:44:48 net.oit.mbeans.Base - Status now: Running
DEBUG 21 Oct 09 15:44:48 net.oit.excite.mbeans.OutBound - Started the JMS queue status = Running
DEBUG 21 Oct 09 15:44:48 net.oit.excite.mbeans.OutBound - Completed configureAndRun.
DEBUG 23 Oct 09 12:50:14 net.oit.excite.mbeans.OutBound - Started a JMS message......
DEBUG 23 Oct 09 12:50:14 net.oit.excite.mbeans.OutBound - JobId from message


I am clueless about how to scan/compare based on the timestamp seen in the above logs.
Please help!
11-19-2009, 01:59 AM   #2
Well, you could use awk or cut to grab individual fields, but honestly this is perfect for Perl. It even understands dates in that format.
11-19-2009, 02:04 AM   #3
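awk 'BEGIN{
    # get the time in seconds at which the script is run
    now = systime()
    current = strftime("%Y:%m:%d:%H:%M:%S",now)
    print "Current date/time is: "current
    onehr = 3600 #seconds in 1 hr
    # lookup table to convert "Jan" to "01" etc
    n = split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", months, " ")
    for (i = 1; i <= n; i++) date[months[i]] = sprintf("%02d", i)
}
{
    # fields: LEVEL DD Mon YY HH:MM:SS message
    split($5, time, ":")
    mth=date[$3] ; day=$2 ; year="20"$4
    hr=time[1] ; min=time[2] ; sec=time[3]
    # prepare to pass to mktime() function
    t=sprintf("%s %s %s %s %s %s" , year,mth,day,hr,min,sec)
    log_entry_time = mktime(t)
    if ( now - log_entry_time <= onehr ){
        # if less than one hour, print
        print $0
    }
}' file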
see here for another similar example.
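
Added example, not part of any post in this thread: a variant of the approach above that selects entries between two explicit timestamps without mktime() and strftime(), which are not part of POSIX awk, by turning each timestamp into a sortable YYYYMMDDHHMMSS key. The names logs_between and sample_log, the sample lines and the output file name are assumptions made for the example.

```sh
#!/bin/sh
# Added example, not from the thread. logs_between START END [FILE...]
# prints entries whose timestamp lies in [START, END]; both bounds are
# local-time keys of the form YYYYMMDDHHMMSS.
# Assumed line format (taken from the question): LEVEL DD Mon YY HH:MM:SS text
logs_between() {
    start=$1; end=$2; shift 2
    awk -v start="$start" -v end="$end" '
    BEGIN {
        n = split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", m, " ")
        for (i = 1; i <= n; i++) mon[m[i]] = sprintf("%02d", i)
    }
    FNR == 1 { keep = 0 }   # do not carry a decision across files
    {
        # Lines without a timestamp (stack traces, wrapped messages) follow
        # the decision made for the entry they belong to.
        if (($3 in mon) && $2 ~ /^[0-9][0-9]?$/ && $4 ~ /^[0-9][0-9]$/ &&
            $5 ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9]$/) {
            split($5, t, ":")
            # Two-digit years are assumed to mean 20YY.
            key = sprintf("20%s%s%02d%s%s%s", $4, mon[$3], $2, t[1], t[2], t[3])
            # Fixed-width digit strings sort chronologically as text.
            keep = ((key "") >= (start "") && (key "") <= (end ""))
        }
        if (keep) print
    }' "$@"
}

# Constructed sample input in the format shown in the question.
sample_log() {
    cat <<'EOF'
INFO 21 Oct 09 15:44:48 net.oit.mbeans.Base - Status now: Running
DEBUG 23 Oct 09 11:59:59 net.oit.excite.mbeans.OutBound - Completed configureAndRun.
DEBUG 23 Oct 09 12:50:14 net.oit.excite.mbeans.OutBound - Started a JMS message......
    at constructed.continuation.Line(Example.java:1)
INFO 23 Oct 09 14:00:00 net.oit.mbeans.Base - Status now: Running
INFO 23 Oct 09 14:00:01 net.oit.mbeans.Base - Status now: Stopped
EOF
}

# Demo: the two-hour window 12:00:00 to 14:00:00 on 23 Oct 2009.
sample_log | logs_between 20091023120000 20091023140000

# From cron with GNU date (output path is a placeholder):
#   logs_between "$(date -d "2 hours ago" +%Y%m%d%H%M%S)" \
#                "$(date +%Y%m%d%H%M%S)" ./*.log >> recent-entries.txt
```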


All times are GMT -5.