How to get the result in such log format using linux tools (awk,sed..) ?
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How to get the result in such log format using linux tools (awk,sed..) ?
hi guys,
I have a log file which has such format:
Code:
Fri May 18 13:13:57 MYT 2012
Variable_name Value
Aborted_clients 1
Aborted_connects 4
Binlog_cache_disk_use 0
Binlog_cache_use 0
Bytes_received 128
Bytes_sent 200
Fri May 18 13:14:57 MYT 2012
Variable_name Value
Aborted_clients 0
Aborted_connects 4
Binlog_cache_disk_use 0
Binlog_cache_use 0
Bytes_received 128
Bytes_sent 194
Fri May 18 13:15:57 MYT 2012
Variable_name Value
Aborted_clients 0
Aborted_connects 4
Binlog_cache_disk_use 0
Binlog_cache_use 0
Bytes_received 128
Bytes_sent 177
If I need to get all the 'Aborted_clients' value, I can simply do a grep. But, how do I associate each 'Aborted_clients' value with the 'date' information on top of each paragraph ? I wish to have something like this:
Code:
Fri May 18 13:13:57 MYT 2012 Aborted_clients 1
Fri May 18 13:14:57 MYT 2012 Aborted_clients 0
Fri May 18 13:15:57 MYT 2012 Aborted_clients 0
In fact this logfile is generated by me every minute using a very simple syntax :
Code:
LOG=./mysqlstatus.log
echo "`date`" | tee -a $LOG
mysql -u root -e 'show status' | tee -a $LOG
echo | tee -a $LOG
If I need to change the way I log the result to make the log become easier to be retrieved the information, you are welcome to advise me as well.
awk ' /MYT/ { date=$0; next } length { print date " " $0 } ' file
_________________________________
Happy with solution ... mark as SOLVED
If someone helps you, or you approve of what's posted, click the "Add to Reputation" button, on the left of the post.
From another similar log, but this time I would like to calculate the appearance of certain lines, for example:
Code:
Fri May 18 13:13:57 MYT 2012
Aborted_clients
Aborted_clients
Aborted_clients
Aborted_connects
Fri May 18 13:14:57 MYT 2012
Aborted_clients
Aborted_connects
Aborted_connects
Fri May 18 13:15:57 MYT 2012
Aborted_clients
Aborted_clients
Aborted_clients
Aborted_clients
Aborted_connects
And the output I would need this time is:
Code:
Fri May 18 13:13:57 MYT 2012 Aborted_clients 3; Aborted_connects 1
Fri May 18 13:14:57 MYT 2012 Aborted_clients 1; Aborted_connects 2
Fri May 18 13:15:57 MYT 2012 Aborted_clients 4; Aborted_connects 1
Is that doable ? I tried to manipulate from the solution given previously, but just not able to make it work I tried googling, but can't find in awk docs on how to do this. Is this called multi pattern matching ?
Apology that I didn't make the question clearer. Your solution is in fact not what I want this time. What I need is something a bit different with another format of log like this:
#!/bin/bash
awk '
BEGIN { RS="\n\n" ; FS="\n" }
{
for (i=2;i<=NF;i++)
if ( $i == "Sleep" ) { sleep[$1]++ }
else { locked[$1]++ }
}
END { for (x in sleep) print x, "Sleep " sleep[x], "; Locked " locked[x] }
' infile | sort
Two possible issues with the above code:
1 - If a state isn't encountered, nothing instead of 0 will be printed.
2 - the sort part will only work if entries are all from the same day and month (date in examples aren't sane, sorting those will be hard. sorting the arrays from within gawk without losing indices might be possible).
Fri May 18 13:13:57 MYT 2012
Variable_name Value
Aborted_clients 1
Aborted_connects 4
Binlog_cache_disk_use 0
Binlog_cache_use 0
Bytes_received 128
Bytes_sent 200
Fri May 18 13:14:57 MYT 2012
Variable_name Value
Aborted_clients 0
Aborted_connects 4
Binlog_cache_disk_use 0
Binlog_cache_use 0
Bytes_received 128
Bytes_sent 194
Fri May 18 13:15:57 MYT 2012
Variable_name Value
Aborted_clients 0
Aborted_connects 4
Binlog_cache_disk_use 0
Binlog_cache_use 0
Bytes_received 128
Bytes_sent 177
If I need to get all the 'Aborted_clients' value, I can simply do a grep. But, how do I associate each 'Aborted_clients' value with the 'date' information on top of each paragraph ? I wish to have something like this:
Code:
Fri May 18 13:13:57 MYT 2012 Aborted_clients 1
Fri May 18 13:14:57 MYT 2012 Aborted_clients 0
Fri May 18 13:15:57 MYT 2012 Aborted_clients 0
In fact this logfile is generated by me every minute using a very simple syntax :
Code:
LOG=./mysqlstatus.log
echo "`date`" | tee -a $LOG
mysql -u root -e 'show status' | tee -a $LOG
echo | tee -a $LOG
If I need to change the way I log the result to make the log become easier to be retrieved the information, you are welcome to advise me as well.
Thanks a million for any assist and advice given
this is somewhat of a hack but mite help[untested]:
Code:
d=`date`; echo $d - `mysql -u root -e 'show status'` | tee -a $LOG
edit: this should work with the original log method[untested];
awk '/ MYT / { date=$0; next } /.../ { arr[$1]++; next } { printf date; for ( i in arr ) { printf ", %s %s", i, arr[i] }; printf "\n" } ' filename
pan64,
I don't quite understand the part where you do
Code:
/.../
, what does that mean ?
My problem in making awk to read a block of text are:
i) I don't know how to make it print the result after every end of the block, as I understand awk is a stream processor, how do we make it aware to only print result at the end of each block? Like for instance,
Code:
Fri May 18 13:14:57 MYT 2012 -> read input, date=$0, but don't print
Sleep -> read input, arr[Sleep]++, but don't print
Sleep -> read input, arr[Sleep]++, but don't print
Sleep -> read input, arr[Sleep]++, but don't print
Locked -> read input, arr[Locked]++, but don't print
"\n" -> read input, but this time, print the result!
ii) how does awk know WHEN to reset the counter back to zero and counting again when it finds another 'MYT' ?
druuna's way is using a RS to do that, but I don't quite understand how's pan64 way can make awk aware about the above (i) and (ii). pan64, mind to elaborate more ?
Nylex,
Thanks for your advice, I do know taking blindly other people stuff is not a good habit, and if you have notice my question in LQ so far, I am not fall into those category. I will try understanding and discuss with the feedback and try to give my own finding. I'm slow in understanding awk even though I did go through many tutorials, hope you guys bear with my weakness in this part.
Apology that I didn't make the question clearer. Your solution is in fact not what I want this time. What I need is something a bit different with another format of log like this:
just to see post #9, you should try and understand.
. means any char, so /.../ means 3 chars, with other words it is a line containing at least 3 chars.
Otherwise my awk works exactly as you described:
first look for MYT to start counting
next look for non-empty lines and sum up what found in it
last on empty lines print result, reset counter and start over
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
How to get the result in such log format using linux tools (awk,sed..) ?
I tried googling, but can't find in awk docs on how to do this. Is this called multi pattern matching ?
