Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Extract data from log file in specified range of time [duplicate]

Tags:

bash

I want to extract information from a log file using a shell script (bash) based on time range. A line in the log file looks like this:

172.16.0.3 - - [31/Mar/2002:19:30:41 +0200] "GET / HTTP/1.1" 200 123 "" "Mozilla/5.0 (compatible; Konqueror/2.2.2-2; Linux)"

i want to extract data specific intervals. For example I need to look only at the events which happened during the last X minutes or X days ago from the last recorded data. I'm new in shell scripting but i have tried to use grep command.

like image 908
ham raaz _e Avatar asked Sep 27 '11 20:09

ham raaz _e

People also ask

What is the command to extract logs from a specific date and time to another?

You can use sed for this. For example: $ sed -n '/Feb 23 13:55/,/Feb 23 14:00/p' /var/log/mail.

How do I view a specific time log in Linux?

Linux logs will display with the command cd/var/log. Then, you can type ls to see the logs stored under this directory. One of the most important logs to view is the syslog, which logs everything but auth-related messages.

How do I check var log messages for a specific time?

Start with something really simple like grep '^Mar' /var/log/messages' . If that doesn't return results, then you're missing something from your log format. If it does return results, then add the date: grep '^Mar 24' . If that still works, add the first digit of the time (which should be a 0).

How do I grep a log after a certain time?

Use the tail command to get the last 2-3 records as shown below. In the above log the date format is 20/Aug/2021:07:23:07 that is DD/MMM/YYYY:HH:MM:SS. Now here is the awk command to extract data for the last 2 minutes. In the above command, %d/%b/%Y:%H:%M:%S is the format specifier of your date column.

1 Answers

You can use sed for this. For example:

$ sed -n '/Feb 23 13:55/,/Feb 23 14:00/p' /var/log/mail.log Feb 23 13:55:01 messagerie postfix/smtpd[20964]: connect from localhost[127.0.0.1] Feb 23 13:55:01 messagerie postfix/smtpd[20964]: lost connection after CONNECT from localhost[127.0.0.1] Feb 23 13:55:01 messagerie postfix/smtpd[20964]: disconnect from localhost[127.0.0.1] Feb 23 13:55:01 messagerie pop3d: Connection, ip=[::ffff:127.0.0.1] ...

How it works

The -n switch tells sed to not output each line of the file it reads (default behaviour).

The last p after the regular expressions tells it to print lines that match the preceding expression.

The expression '/pattern1/,/pattern2/' will print everything that is between first pattern and second pattern. In this case it will print every line it finds between the string Feb 23 13:55 and the string Feb 23 14:00.

More info here

like image 103
ychaouche Avatar answered Sep 20 '22 17:09

ychaouche
Sign in to Comment

Related questions

How do I create an alias where the arguments go in the middle? [duplicate]
Bash / Docker exec: file redirection from inside a container
Reverse sort order of a multicolumn file in BASH
Copy file permissions, but not files [closed]
Search with grep for two expressions at once
Difference between "while" and "until" in Bash
Bash: Convert non-ASCII characters to ASCII
How can I 'echo' out things without a newline?
How to sort strings that contain a common prefix and suffix numerically from Bash?
can't download github project with curl command
How would I get the current mouse coordinates in bash?
bash script read all the files in directory
Divide two variables in bash
Bash get last line from a variable
printf in bash: "09" and "08" are invalid numbers, "07" and "06" are fine
Using AWK to filter out column with numerical ranges
Does bash support word boundary regular expressions?
Removing characters from grep output
Looping through the elements of a path variable in Bash
How to add a # before any line containing a matching pattern in BASH?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!