[SOLVED] using sed to inclusively match multiple patterns in one line..??
ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
using sed to inclusively match multiple patterns in one line..??
I have a log file for an application, that contains a safe, yet misbehaving, process error message. I need to purge said error message out of the log so that the admins can actually see if anything serious is going on. I have tried and failed to figure out how to use awk, sed, even grep to look for a pattern (even going as far as splitting it into multiple patterns) so the offending line can be deleted.
Arrangement of log:
some-time-date-stamp [event] [processname] message
The pattern that matters:
[event] [processname] message.
sed '/\[FINE\]/,/\[ProcessA\]/,/space consuming error/d' ./Bad.log > ./New.log
Semi-Sucessful attempt:
This one captures only the error, which wasn't entirely what I wanted (I don't know how to make this an "everything but said pattern")
awk '/\[FINE\] \[ProcessA\] space consuming message/' ./Bad.log > ./New.log
This purges everything that had to do with the error, only it removes [BAD] items as well.
sed '/space consuming error/d' ./Bad.log > ./New.log
What I believe I don't understand, is how to deal with the [] characters properly. Although at this point, I'm now clueless - I can't even get the right internet search term to figure this out.
Thank you for a response, I'll try to clarify my issue now that I took my mind off this.
I have a process, that can have various events, but one event currently is over helpful (until someone on my end understands why).
So we could have a condition in the log such as :
Code:
some-time-date-stamp [event] [processname] message
some-time-date-stamp [eventA] [processnameA] error message one
some-time-date-stamp [eventB] [processnameB] error message two
some-time-date-stamp [eventB] [processnameA] error message three
some-time-date-stamp [eventA] [processnameB] error message one
As I understand it, Event is commonly used, the process handles a good chunk of the application, so sometimes shows up for other reasons, and the message itself can be called when a completely different event is called. So the only way I can filter out the misbehaving process, is to either use 3 matching patterns, or the string containing the square brackets.
When I tried using the string containing square brackets, I'd get an error, "unterminated `s' command"
A blind stab using 3 patterns didn't work either.
Failed Attempt 1:
sed -n '/'"$Pat1"'/,/'"$Pat2"'/,/'"$Pat3"'/d' ./Working.log > ./NewTest
A solution (if it exists) needs, if its a multiple pattern, to be used as such {pat1 AND pat2 AND pat3 } on a line by line basis. If on the other-hand I can use the entire string complete with square brackets, I can be certain just the unwanted line departs.
While I have seen vast examples out there, those are for multiple items within the entire file, my troubles are sticking to a single line (which shows up thousands, if not millions of times in one log file). Have I clarified this?
Well I still find the example a little vague, but druuna has already shown that if you escape (place a \ before) the square brackets they will be treated as literal and used as part of the search.
As you have hidden your patterns in variables it is not clear what you have entered in each one and where we can help you improve it.
Thank you for a response, I'll try to clarify my issue now that I took my mind off this.
I have a process, that can have various events, but one event currently is over helpful (until someone on my end understands why).
So we could have a condition in the log such as :
Code:
some-time-date-stamp [event] [processname] message
some-time-date-stamp [eventA] [processnameA] error message one
some-time-date-stamp [eventB] [processnameB] error message two
some-time-date-stamp [eventB] [processnameA] error message three
some-time-date-stamp [eventA] [processnameB] error message one
As I understand it, Event is commonly used, the process handles a good chunk of the application, so sometimes shows up for other reasons, and the message itself can be called when a completely different event is called. So the only way I can filter out the misbehaving process, is to either use 3 matching patterns, or the string containing the square brackets.
When I tried using the string containing square brackets, I'd get an error, "unterminated `s' command"
A blind stab using 3 patterns didn't work either.
Failed Attempt 1:
sed -n '/'"$Pat1"'/,/'"$Pat2"'/,/'"$Pat3"'/d' ./Working.log > ./NewTest
A solution (if it exists) needs, if its a multiple pattern, to be used as such {pat1 AND pat2 AND pat3 } on a line by line basis. If on the other-hand I can use the entire string complete with square brackets, I can be certain just the unwanted line departs.
While I have seen vast examples out there, those are for multiple items within the entire file, my troubles are sticking to a single line (which shows up thousands, if not millions of times in one log file). Have I clarified this?
I'm not sure I'm clear about what you want.
You have added an entry to my example, but you fail to show what the expected output would need to look like.
If I understand the explanation given by you you want to match multiple patterns (say: processnameA or processnameB) in combination with another pattern. If that is the case have a look at this:
Code:
sed -rn '/(\[processnameA\]|\[processnameB\]).*error message one/p' infile
The above looks for lines that contain:
-[processnameA] OR [processnameB] (the green part) AND error message one (the blue part)
Assuming the example given by you in post #3, the output would be:
Code:
some-time-date-stamp [eventA] [processnameA] error message one
some-time-date-stamp [eventA] [processnameB] error message one
You have added an entry to my example, but you fail to show what the expected output would need to look like.
If I understand the explanation given by you you want to match multiple patterns (say: processnameA or processnameB) in combination with another pattern. If that is the case have a look at this:
Code:
sed -rn '/(\[processnameA\]|\[processnameB\]).*error message one/p' infile
The above looks for lines that contain:
-[processnameA] OR [processnameB] (the green part) AND error message one (the blue part)
Assuming the example given by you in post #3, the output would be:
Code:
some-time-date-stamp [eventA] [processnameA] error message one
some-time-date-stamp [eventA] [processnameB] error message one
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
