Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Instead of tailing the log is there a way to grep all lines of the log with word Installed AND today's date? Also, what about grep lines of the log that contain a specific date and more than one word , by example : ('Installed' or 'Failed' on '2011-06-24')?
The lines in the log begin with the date format as follows:
Fri Jun 24 05:33:01
How do I incorporate that to my egrep versus using the 2011-06-24?
That depends on what you want to match exactly, why don't you post a couple lines of the log so I can give you a more precise answer?
For instance, you may want to match log entries in June only, or with a certain time interval. If you don't care about the dates and only want to see entries with the words 'Installed' or 'Failed' use this:
egrep '.*(Installed|Failed)' /var/log/updates.log
That will match any amount of characters at the beginning and will stop matching when it finds either 'Installed' or 'Failed'.
The dot (.) character means 'any character', the asterisk (*) is a modifier that means '0 or more times'. So that regex would read, "match any amount of characters at the beginning of the string, then match 'Jun 24', then any amount of characters, then match either 'Installed' or 'Failed'", then stops matching.
egrep '.*Jun 24.*(Installed|Failed)' /var/log/updates.log
at the command line and press enter to execute I am taken to the next line of the command line, nothing displays. There are updates in the log from today.
That is working. But if I use that egrep with the log and updates have ran on different days post Jun 23 than I will see any update that has 'Installed' or 'Failed' in the line regardless of date. Is there a way to egrep the log to make only 'Installed|Failed' display for that specific date range?
Thanks for all the help with this, you have helped a lot
Yes, it's the multiline matching that's a little harder with grep. Assuming the "installed" and "failed" log entries always appear right after the entry with the date, perhaps this one will work better:
egrep -A1 '.*May 5.*Print job request.*'
Similar to the one you started with. This regex will match lines with one or more characters at the beginning, then match a day of you choice, more text, then the string "Print job request". I'm assuming this string is common for those log entries, if not, you have to change it to something that is. The -A1 parameter prints the next line as you know.