LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   Grep syntax questions (https://www.linuxquestions.org/questions/linux-general-1/grep-syntax-questions-311996/)

Phaethar 04-11-2005 08:53 AM
Grep syntax questions
 
Hey all,

Just a general question about the use of the grep command. I can never seem to get it to work quite right, and the man pages for it don't really explain it very well. What I'm trying to do is have a daily job set up to pull the previous days worth of entries from various log files (httpd, system logs, etc). I try to test out various syntax combinations, but I can't ever seem to get grep to show just 1 days worth when sorting by date.

So, for example, the Apache logs store the date like this:
Code:
[10/Apr/2005:04:07:53 -0500]
I'm trying to view the previous days logs with something like this:
Code:
grep "date --date=yesterday '+%d/%b/%G/%T'" /var/log/httpd/access_log
With that, I get nothing returned, and I don't know what to do to sort it by date.

Also, if I can get my results to come back properly, I'd like to write them out to a text file with the date as the filename. I believe grep can pipe it to a file, but again, I'm not sure on the syntax. Can I just echo it to a file, or is there a better way?

If it helps any, this job will be running on a Fedora 3 system. Any help on this will really be appreciated.

ahh 04-11-2005 09:02 AM
As a starting point change your date syntax, this is your current one:-
Code:
date --date=yesterday '+%d/%b/%G/%T'
10/Apr/2005/14:57:26
whereas what you want is:-
Code:
date --date=yesterday '+%d/%b/%G:%T'
10/Apr/2005:14:58:18
to match the way the Apache log stores the date.

samel_tvom 04-11-2005 09:02 AM
Hi!
I think that it could work if you tried to put $( ) around the thing that should return a string.
like this:
grep "$(date --date=yesterday '+%d/%b/%G/%T')" /var/log/httpd/access_log

does that work?

Phaethar 04-11-2005 09:24 AM
Ok, it appears that I did in fact need the $( ) to return the values properly. I also took out the %T search variable to get it to work, thinking that it was only searching for the exact time, down to the second, as it is when the job runs. So, now my search string looks like this:

Code:
grep "$(date --date=yesterday '+%d/%b/%G')" /var/log/httpd/access_log
This returns all entries from yesterday, which is exactly what I wanted.

Now, how difficult will it be to write this to a text file at the same time?

Thanks!

ahh 04-11-2005 09:34 AM
if you want it written to a file as well as the terminal, use the "tee" command. See "man tee" for the options available:-
Code:
grep "$(date --date=yesterday '+%d/%b/%G')" /var/log/httpd/access_log | tee -ai /path/file
If you dont want to see the results in the terminal just redirect the output:-
Code:
grep "$(date --date=yesterday '+%d/%b/%G')" /var/log/httpd/access_log > /path/file
will write it to a file, deleting the file first if it exists,
Code:
grep "$(date --date=yesterday '+%d/%b/%G')" /var/log/httpd/access_log >> /path/file
will append the results to the end of the file.


All times are GMT -5. The time now is 11:25 AM.