Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a requirement to search for a particular pattern from the log files every 4 hours. I have set up a cron which runs the script every 4 hours.
Log file pattern as below.
2018-12-17 01:53:47,390 [pool-3-thread-1] INFO [traceId=7c87f067fca636df,spanId=7c87f067fca636df] c.b.s.m.a.update.EmailProcessor - =========== Is email body HTML?
2018-12-17 04:47:21,838 [ActiveMQ Task-1] INFO [traceId=,spanId=] o.a.a.t.failover.FailoverTransport - Successfully connected to tcp://xx.xx.xx.xx:31313
After some research the below sed command was found
Code:
sed -e "1,/^$(date -d -4hour +'%Y-%m-%d %H')/d" /home/nextStep/Logcheck.txt
But the issue here is , it outputs all the text in the last 4 hours. My requirement is to find if the below pattern exists in the last 4 hours.
c.b.s.m.a.update.EmailProcessor
you do not need switch -e if you only have one sed script
I'm not sure why you use instruction d...
OK, I see you are using a regex as a line range end. Do you know that the end line number will be the first one that is going to match your regex (maybe not what you want if there are multiple logs in the last 4-hour span), and if there is no match, then every lines will be taken into account?
do you expect a "yes"/"no" output? If you want that, maybe awk would be more appropriate...
I have a requirement to search for a particular pattern from the log files every 4 hours. I have set up a cron which runs the script every 4 hours.
Log file pattern as below.
2018-12-17 01:53:47,390 [pool-3-thread-1] INFO [traceId=7c87f067fca636df,spanId=7c87f067fca636df] c.b.s.m.a.update.EmailProcessor - =========== Is email body HTML?
2018-12-17 04:47:21,838 [ActiveMQ Task-1] INFO [traceId=,spanId=] o.a.a.t.failover.FailoverTransport - Successfully connected to tcp://xx.xx.xx.xx:31313
After some research the below sed command was found
Code:
sed -e "1,/^$(date -d -4hour +'%Y-%m-%d %H')/d" /home/nextStep/Logcheck.txt
But the issue here is , it outputs all the text in the last 4 hours. My requirement is to find if the below pattern exists in the last 4 hours.
c.b.s.m.a.update.EmailProcessor
How to append the pattern in the above code.
Thanks for the help.
do you have to use sed?
other programs/commands can search inside of files to find a match to, 'c.b.s.m.a.update.EmailProcessor' if true then log it true, if false then log it false.
I have a requirement to search for a particular pattern from the log files every 4 hours. I have set up a cron which runs the script every 4 hours.
My requirement is to find if the below pattern exists in the last 4 hours.
c.b.s.m.a.update.EmailProcessor
1. set up a cron job to fire off every 4 hours.
2. job is to search log files looking for an entry "c.b.s.m.a.update.EmailProcessor' within same said log files.
3. If found ?? If not found ??
seding for a date within a file is redundant. The log files are already going to be four hours old, every 4 hours, entries are (maybe) added to all of the log files.
So logic states what about the log files condition each 4 hours they are searched, again?
plus your sed statment is malformed.
grep has a return value
sed does not, from what I've read on it thus far.
grep -q
grep retrun code
Code:
The code 1 is because of no lines matching from the input.
Also to read on EXIT CODES on man grep page, EXIT STATUS
Normally the exit status is 0 if a line is selected, 1 if
no lines were selected, and 2 if an error occurred. The
exit code is 1 because nothing was matched by grep.
I tried the below approach, but couldnot get the result expected .
Code:
sed -e "1,/^$(date -d -1hour +'%Y-%m-%d %H')/d" | sed -n "c.b.s.m.a.update.EmailProcessor" /home/nextStep/Logcheck.txt
Indeed, neither your first command, nor the 2nd one can work as is...
If I were you I would do read sed man page (simply type "man sed" in your terminal) and/or do some additional searches on the internet.
Yes, that will show you the same lines every time it runs...not just the lines added in the last four hours. You'll need to analyze the result and parse it some more to tune the result.
C'mon folks, the OP is trying, let's help. And *YES* the command posted originally works exactly as it's supposed to.
Quote:
Originally Posted by nextStep
I tried the below approach, but couldnot get the result expected .
Code:
sed -e "1,/^$(date -d -1hour +'%Y-%m-%d %H')/d" | sed -n "c.b.s.m.a.update.EmailProcessor" /home/nextStep/Logcheck.txt
Close - you need the input file on the first sed, and by using "-n" in the second sed you are suppressing all printing, so you have to explicitly print the lines you want. Try it like this.
Code:
sed -e "1,/^$(date -d -1hour +'%Y-%m-%d %H')/d" /home/nextStep/Logcheck.txt | sed -n "/c.b.s.m.a.update.EmailProcessor/p"
As suggested above, it is possibly better to only call sed once
Code:
sed -e "1,/^$(date -d -1hour +'%Y-%m-%d %H')/d" -ne "/c.b.s.m.a.update.EmailProcessor/p" /home/nextStep/Logcheck.txt
use grep -c instead of grep | wc
And do not repeat the same grep. That is just wasting the resources and time.
grep cannot handle the 4 hours requirement, sed can do the search for you
there is a space before /home in filename, which make this command useless.
This was not posted for copy paste efficiency. I just tossed that in here after I pasted it from my test code, that is where the space came from. It was "$1" to use the CLI.
That is a neither, here nor there, due to, if the user OP cannot figure out why it is not working due a space because of a copy paste using of answers in any forum, then it is a good exercise to be used as a learning tool, to test any code gotten from somewhere else before putting to use.
Quote:
Originally Posted by pan64
Use grep -c instead of grep | wc
And do not repeat the same grep. That is just wasting the resources and time.
grep cannot handle the 4 hours requirement, sed can do the search for you
point taken. As one little file is not a good test for reality purposes.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
