This is a silly script but you would be surprised how many times a day I have to do this and no matter how many times I type the command, I always get it wrong (or more than likely I forget to escape something). Its also interesting to note that the scripts I find silly are usually the ones that are the most popular on this site….so here it is.
Basically, if you copy and paste this script into a file and run it, it will give you the exact date and time in the sed command to run to search all lines in a log file from the previous hour to now and save it to another file.
[codesyntax lang=”bash”]
#!/bin/bash #=============================================================================== # # FILE: determine-time.sh # # USAGE: ./determine-time.sh # # DESCRIPTION: determines current date and time and previous hour for searching # files between date and time using sed (example does previous hour) # REQUIREMENTS: sed # AUTHOR: Ed Wiget # VERSION: 1.0 # CREATED: 02/17/2016 04:10:53 PM EST # #=============================================================================== # current year CY=`date +%Y` # current month CM=`date +%b` # current day of month CD=`date +%d` # current hour CH=`date +%H` # current minute CMH=`date +%M` # current second CS=`date +%S` echo "The current date and time is: ${CY}-${CM}-${CD} ${CH}:${CMH}:${CS}" echo "" # now determine previous hour PH=`expr ${CH} - 1 ` echo "the previous hour is: ${PH}" echo "" # for sed we need this format # sed -n '/27\/Mar\/2013\:16\:00\:00/,/27\/Mar\/2013\:16\:16\:00/ p' merged.log > 12_00_00-12_16_00EST_16_00_00-16_16_00UTC.txt echo "our search beginning time in sed is:" echo "/${CD}\/${CM}\/${CY}\:${PH}\:${CMH}\:${CS}/" echo "" echo "our search ending time in sed is:" echo "/${CD}\/${CM}\/${CY}\:${CH}\:${CMH}\:${CS}/" echo "" echo "The entire sed command to search logs from previous hour to now is:" echo "sed -n '/${CD}\/${CM}\/${CY}\:${PH}\:${CMH}\:${CS}/,/${CD}\/${CM}\/${CY}\:${CH}\:${CMH}\:${CS}/ p' /path/to/log/filename > /path/to/output_filename.txt"
[/codesyntax]
So when you run it, it basically looks like this:
[codesyntax lang=”bash”]
$ scripts/determine-time.sh The current date and time is: 2016-Feb-17 16:50:51 the previous hour is: 15 our search beginning time in sed is: /17\/Feb\/2016\:15\:50\:51/ our search ending time in sed is: /17\/Feb\/2016\:16\:50\:51/ The entire sed command to search logs from previous hour to now is: sed -n '/17\/Feb\/2016\:15\:50\:51/,/17\/Feb\/2016\:16\:50\:51/ p' /path/to/log/filename > /path/to/output_filename.txt
[/codesyntax]
This is a much better version of the above script …
[codesyntax lang=”bash”]
#!/bin/bash #=============================================================================== # # FILE: sed_time2.sh # # USAGE: ./sed_time2.sh # # DESCRIPTION: # # OPTIONS: --- # REQUIREMENTS: --- # BUGS: --- # NOTES: --- # AUTHOR: Ed Wiget (), [email protected] # COMPANY: # VERSION: 1.0 # CREATED: 04/28/2017 11:25:39 AM EDT # REVISION: --- #=============================================================================== if [ "$1" = "" ]; then echo "how long ago as starting time in minutes, i.e. 30 for 30 minutes" read PTIME else PTIME=$1 fi # current time DNOW=`date +%d/%b/%Y:%H:%M:%S` # time formatted escaped sed ready ESCAPED_DNOW=`echo ${DNOW} | sed 's,/,\\\/,g' | sed 's,:,\\\:,g'` # previous time PDATE=`date +%d/%b/%Y:%H:%M:%S --date="${PTIME} minutes ago"` # time formatted escaped sed ready ESCAPED_PDATE=`echo ${PDATE} | sed 's,/,\\\/,g' | sed 's,:,\\\:,g'` # now we can simply echo the sed line echo "sed -n '/${ESCAPED_PDATE}/,/${ESCAPED_DNOW}/ p'"
[/codesyntax]
Leave a Reply
You must be logged in to post a comment.