Easy way to extract Logs on a Date/Line Range in LINUX

Example: range of date to be extracted in the /var/log/message. Oct 26-27
our x will be Oct 26, y will be Oct 27

1. Get the first line number which will be our x reference (x - Oct 26).

$ grep -n 'Oct 26' /var/log/messages | head

The initial reference of x = 29933

Sample Output:

29933:Oct 26 00:00:00 postfix nagios: LOG ROTATION: DAILY
29934:Oct 26 00:00:00 postfix nagios: LOG VERSION: 2.0
29935:Oct 26 00:00:00 postfix nagios: CURRENT HOST STATE: localhost;UP;HARD;1;PING OK - Packet loss = 0%
29936:Oct 26 00:00:00 postfix nagios: CURRENT SERVICE STATE: localhost;Current Load;OK;HARD;1;OK
29937:Oct 26 00:00:00 postfix nagios: CURRENT SERVICE STATE: localhost;Current Users;OK;HARD;1
29938:Oct 26 00:00:00 postfix nagios: CURRENT SERVICE STATE: localhost;HTTP;WARNING
29939:Oct 26 00:00:00 postfix nagios: CURRENT SERVICE STATE: localhost;PING;OK;HARD;1;PING OK - Packet loss = 0%
29940:Oct 26 00:00:00 postfix nagios: CURRENT SERVICE STATE: localhost;Root Partition;OK;HARD;1;DISK OK - free space
29941:Oct 26 00:00:00 postfix nagios: CURRENT SERVICE STATE: localhost;SSH;OK;HARD;1;SSH OK
29942:Oct 26 00:00:00 postfix nagios: CURRENT SERVICE STATE: localhost;Swap Usage;OK;HARD;1;

2. Get the last line number which will be our y reference (x - Oct 27).

$ grep -n 'Oct 27' /var/log/messages | tail

The last reference of y = 89712

Sample Output:

89703:Oct 27 23:59:14 postfix snmpd[18448]: -- IF-MIB::ifPhysAddress.1
89704:Oct 27 23:59:16 postfix snmpd[18448]: Connection from UDP: [192.168.0.x]:1055
89705:Oct 27 23:59:26 postfix last message repeated 15 times
89706:Oct 27 23:59:36 postfix snmpd[18448]: Connection from UDP: [192.168.0.131]:4118
89707:Oct 27 23:59:36 postfix snmpd[18448]: Received SNMP packet(s) from UDP: [192.168.0.x]:4118
89708:Oct 27 23:59:36 postfix snmpd[18448]: send response: Failure in sendto
89709:Oct 27 23:59:36 postfix snmpd[18448]: -- SNMPv2-MIB::sysObjectID.0
89710:Oct 27 23:59:36 postfix snmpd[18448]: -- IF-MIB::ifPhysAddress.1
89711:Oct 27 23:59:36 postfix snmpd[18448]: Connection from UDP: [192.168.0.x]:1055
89712:Oct 27 23:59:56 postfix last message repeated 23 times

3. Use the x,y reference to extract the file : x = 29933, y =89712

$ sed -n '29933,89712p' /var/log/messages > newfilename

Comments

Post a Comment

Popular posts from this blog

Scraping an Entire Website using LINUX

Web scraping (also called Web harvesting or Web data extraction) is a computer software technique of extracting information from websites. Usually, such software programs simulate human exploration of the Web by either implementing low-level Hypertext Transfer Protocol (HTTP), or embedding certain full-fledged Web browsers, such as the Internet Explorer (IE) and the Mozilla Web browser. Web scraping is closely related to Web indexing, which indexes Web content using a bot and is a universal technique adopted by most search engines. In contrast, Web scraping focuses more on the transformation of unstructured Web content, typically in HTML format, into structured data that can be stored and analyzed in a central local database or spreadsheet. Web scraping is also related to Web automation, which simulates human Web browsing using computer software. Exemplary uses of Web scraping include online price comparison, weather data monitoring, website change detection, Web research, Web content ...
Read more

Linux OS Backup and Recovery

Image
Source :http://relax-and-recover.org/documentation/getting-started This quick start guide will show you how to run Relax-and-Recover from the git checkout and create a bootable USB backup. Start by cloning the Relax-and-Recover sources from Github: git clone https://github.com/rear/rear.git Move into the rear/ directory: cd rear/ Prepare your USB media. Change /dev/sdb to the correct device in your situation. Relax-and-Recover will ‘own’ the device in this example. This will destroy all data on that device. sudo usr/sbin/rear format /dev/sdb Relax-and-recover asks you to confirm that you want to format the device: Yes The device has been labeled REAR-000 by the ‘format’ workflow. Now edit the ‘etc/rear/local.conf’ configuration file: cat > etc/rear/local.conf < Now you are ready to create a rescue image. We want verbose output. sudo usr/sbin/rear -v mkrescue The output I get is: Relax-and-Recover 1.13.0 / $Date$ Using log file: /home/jeroen/tmp/...
Read more

Radiator Radius Installation connecting to ORACLE (CentOS)

1. Download and install the Oracle client connectors. http://www.oracle.com/index.html oracle-instantclient-basic-10.2.0.3-1.i386.rpm oracle-instantclient-devel-10.2.0.3-1.i386.rpm oracle-instantclient-sqlplus-10.2.0.3-1.i386.rpm rpm -Uvh oracle-instantclient-basic-10.2.0.3-1.i386.rpm rpm -Uvh oracle-instantclient-devel-10.2.0.3-1.i386.rpm rpm -Uvh oracle-instantclient-sqlplus-10.2.0.3-1.i386.rpm 2. Set the environment variables. # ORACLE_HOME=/usr/lib/oracle/10.2.0.3/client/lib # export ORACLE_HOME # export LD_LIBRARY_PATH=$ORACLE_HOME # TNS_ADMIN=/usr/lib/oracle/10.2.0.3/client/admin # export TNS_ADMIN # mkdir /usr/lib/oracle/10.2.0.3/client/admin 3. Edit /etc/profiles and insert the lines below. ORACLE_HOME=/usr/lib/oracle/10.2.0.3/client/lib export ORACLE_HOME export LD_LIBRARY_PATH=$ORACLE_HOME TNS_ADMIN=/usr/lib/oracle/10.2.0.3/client/admin export TNS_ADMIN 4. Create a file "tnsnames.ora" and insert the settings below. SERVER1= (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = ...
Read more