Want to print fouth line after resulted line using grep with tail command
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Want to print fouth line after resulted line using grep with tail command
I want to lookup for error in running logs which are rotating after reaching file size of 5MB. Rotation of logs will be as follows :
default.log (Current logs)
default.log.1 (after reaching 5MB of default.log)
default.log.2 and so on.
Previously i am using code as follows:
#####Code:
tail -F default.log | grep "Failed to bind to SMSC" >> file.txt &
######END of code
Output it produces in file is only one line:
( 1.3.6.1.4.1.140.627.100.5 Failed to bind to SMSC. )
Now i want my output will be written in file as:
date(28 Jul 2010 10:54:29,968 which is in starting of error line)| reason(Failed to bind to SMSC which is serach keyword) | Plugin Name(Plugin_px21_short_messaging_smpp_56300_north which is on 4th line
after the error line)
and continue to append.
For example
28 Jul 2010 10:54:29,968| Failed to bind to SMSC |Plugin_px21_short_messaging_smpp_56300_north
29 Jul 2010 10:54:29,968| Failed to bind to SMSC |Plugin_px21_short_messaging_smpp_56300_south
Well that all sounds fine and dandy ... what distinguishes any of these lines from what I am guessing is potentially thousands of lines?
Is the example above the same format everytime? ie for every error?
Have you not shown us the continuing lines after the last one as it is just more of the same?
From looking at your data provided I can see the words:
Plugin
Failed
SNMP
If these are unique items then yes you can get them, but the issue I see is how to know when to get them???
Sorry to not provide a solution but as you can see there are some other questions that need to be answered first.
I don't think regular grep is the way to go. You would be better of with your favorite script language.
Personally I would go for awk (most installations have it). As my skills are rusty I'm not going to create a solution, sorry. But take a look at this site and search for awk+parse+file and I'm sure you will be able to figure it out.
4th line or 4th column? You can use head and tail to extract individual lines. You have to use something like awk to extract parts of a line. Or one of the many other tools out there.
Find your answers inline:
1. what distinguishes any of these lines from what I am guessing is potentially thousands of lines?
Answer : There are 1000 or even more lines and this line is generated and format is same when any plugin is down from pludins that are running....
2.Is the example above the same format everytime? ie for every error?
Have you not shown us the continuing lines after the last one as it is just more of the same?
Answer : The format is same but generated limited when any of running plugin is down.If all plugin is up there is no such type of logs.
3.From looking at your data provided I can see the words:
Plugin
Failed
SNMP
If these are unique items then yes you can get them, but the issue I see is how to know when to get them???
Answer : Whenever we found 'Failed to bind to SMSC' in logs these words are come automatically with them and this means that one or more plugin is down from list of plugins configured.
Hope above answers clears your queries.
Quote:
Originally Posted by grail
Well that all sounds fine and dandy ... what distinguishes any of these lines from what I am guessing is potentially thousands of lines?
Is the example above the same format everytime? ie for every error?
Have you not shown us the continuing lines after the last one as it is just more of the same?
From looking at your data provided I can see the words:
Plugin
Failed
SNMP
If these are unique items then yes you can get them, but the issue I see is how to know when to get them???
Sorry to not provide a solution but as you can see there are some other questions that need to be answered first.
Yes I am with you so far It is good that the format is the same as I agree with others that have mentioned awk as a solution.
Would it be possible to see at least 2 or 3 errors from the log?
Also, are there other items in the log file? (ie not errors)
If yes to last question, then it would be helpful to see a portion of the log containing both other data and the error data.
This log file contains error as well as general logs for debugging also.
Find the sample as follows:
04 Aug 2010 09:43:24,742 [[ACTIVE] ExecuteThread: '108' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.apache.axis.encoding.SerializationContext - [dci_plugin_InstanceFour#wlng_nt_payment_dci#1.0] Start element [http://schemas.xmlsoap.org/soap/envelope/]:Body
04 Aug 2010 09:43:24,742 [[ACTIVE] ExecuteThread: '108' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.apache.axis.i18n.ProjectResourceBundle - [dci_plugin_InstanceFour#wlng_nt_payment_dci#1.0] org.apache.axis.i18n.resource::handleGetObject(register00)
04 Aug 2010 09:43:24,742 [[ACTIVE] ExecuteThread: '108' for queue: 'weblogic.kernel.Default (self-tuning)'] DEBUG org.apache.axis.encoding.SerializationContext - [dci_plugin_InstanceFour#wlng_nt_payment_dci#1.0] register 'a1' - 'http://telcordia.com/cvas/rcs/SAM/BalanceRetrieve/schemas/BalanceRetrAll/v1_0'
Hope it will clear your requirement and i can't use awk and i have to catch logs at runtime.
Quote:
Originally Posted by grail
Yes I am with you so far It is good that the format is the same as I agree with others that have mentioned awk as a solution.
Would it be possible to see at least 2 or 3 errors from the log?
Also, are there other items in the log file? (ie not errors)
If yes to last question, then it would be helpful to see a portion of the log containing both other data and the error data.
Reading the man page for grep, I see that (at least on OpenSuSE using bash) you can use grep -A x <searchstring> to print the next x lines after each hit:
In this case, I used grep to find any references to "memory" in the output of the dmesg program. Using the -A x option allows me to specify how many lines of output to include after each instance of the search string being found. Using the -B x option allows you to print x number of lines before each match. This allows you to get some context surrounding your match.
Reading the man page for grep, I see that (at least on OpenSuSE using bash) you can use grep -A x <searchstring> to print the next x lines after each hit:
In this case, I used grep to find any references to "memory" in the output of the dmesg program. Using the -A x option allows me to specify how many lines of output to include after each instance of the search string being found. Using the -B x option allows you to print x number of lines before each match. This allows you to get some context surrounding your match.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.