Extract data from log file for last 24 hours

Time:09-23

I want to display logs for the last 24 hours.

I tried this, but it is not the best or a dynamic way.

utmpdump /var/log/wtmp* | awk '/2022-09-22/, /2022-09-23/'

Is there any other way, so that when you run the script it takes the last 24 hours?

log file

[8] [528314] [    ] [        ] [pts/1       ] [                    ] [0.0.0.0        ] [2022-09-18T18:44:12,422480 00:00]
[8] [476233] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [2022-09-18T19:25:11,585556 00:00]
[7] [544366] [ts/0] [centos  ] [pts/0       ] [92.46.127.82        ] [92.46.127.82   ] [2022-09-19T04:59:51,304439 00:00]
[8] [544366] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [2022-09-19T04:59:51,517787 00:00]
[7] [544366] [ts/0] [centos  ] [pts/0       ] [92.46.127.82        ] [92.46.127.82   ] [2022-09-19T04:59:54,121598 00:00]
[8] [544366] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [2022-09-19T04:59:54,361475 00:00]
[7] [544366] [ts/0] [centos  ] [pts/0       ] [92.46.127.82        ] [92.46.127.82   ] [2022-09-19T04:59:56,613335 00:00]
[8] [544366] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [2022-09-19T04:59:56,810335 00:00]
[7] [544822] [ts/0] [centos  ] [pts/0       ] [92.46.127.82        ] [92.46.127.82   ] [2022-09-19T05:01:33,299161 00:00]
[8] [544822] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [2022-09-19T05:01:33,572603 00:00]
[7] [544822] [ts/0] [centos  ] [pts/0       ] [92.46.127.82        ] [92.46.127.82   ] [2022-09-19T05:01:33,897001 00:00]
[8] [544822] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [2022-09-19T05:01:34,152397 00:00]
[7] [544822] [ts/0] [centos  ] [pts/0       ] [92.46.127.82        ] [92.46.127.82   ] [2022-09-19T05:01:34,438247 00:00]
[8] [544822] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [2022-09-19T05:01:34,696364 00:00]
[7] [544822] [ts/0] [centos  ] [pts/0       ] [92.46.127.82        ] [92.46.127.82   ] [2022-09-19T05:01:34,978371 00:00

CodePudding user response:

Not necessarily exactly 24 hours (but your question also only filters for yesterday and today, regardless of the current hour), but perhaps you are looking for command substitution to substitute yesterday's and today's date?

utmpdump /var/log/wtmp* | awk "/$(date -I -dyesterday)/,/$(date -I)/"

CodePudding user response:

With your shown samples, please try the following awk code. I am using the GNU date flavor here. Also, this code will print from yesterday's date until today's date (all logs, because if you simply use the range /a/,/b/ it will catch only b's first occurrence, but this code will print all lines of today's date).

awk -v yesterdayDate="$(date -d '-1 day' '+%Y-%m-%d')" -v todaysDate="$(date '+%Y-%m-%d')" '
# Range: from the first line of yesterday to the first line of today.
index($0,yesterdayDate),index($0,todaysDate){
  if(index($0,todaysDate)){
    found=1
  }
  print
  next   # do not print the range-ending line a second time below
}
# After the range has ended, keep printing the remaining lines of today.
index($0,todaysDate) && found
'  Input_file
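Both answers above select by calendar date, so at 09:00 they return up to 33 hours of login records. An exact rolling 24-hour window is sketched below as an added example (not code from either answer); it assumes GNU date and that the record timestamps are UTC, and the function names last_24h and sample_lines and the NOW_EPOCH argument are hypothetical.

```shell
#!/bin/sh
# Added example: print utmpdump records from the last 24 hours (exact window).
# Assumptions: GNU date; record timestamps are UTC, as the sample suggests.

# last_24h [NOW_EPOCH] -- filter utmpdump text read from stdin.
# NOW_EPOCH (hypothetical parameter, for testing) defaults to the current time.
last_24h() {
    now=${1:-$(date +%s)}
    # ISO-8601 timestamps in one timezone sort chronologically as plain
    # strings, so a string comparison against the cutoff is sufficient.
    cutoff=$(date -u -d "@$((now - 86400))" '+%Y-%m-%dT%H:%M:%S')
    LC_ALL=C awk -v cutoff="$cutoff" '
        # Find the timestamp wherever it sits on the line; lines without
        # one (such as the utmpdump header) are skipped.
        match($0, /[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]T[0-9][0-9]:[0-9][0-9]:[0-9][0-9]/) {
            if (substr($0, RSTART, RLENGTH) >= cutoff) print
        }'
}

# Three records copied from the log in the question, used as sample input.
sample_lines() {
    cat <<'EOF'
[8] [528314] [    ] [        ] [pts/1       ] [                    ] [0.0.0.0        ] [2022-09-18T18:44:12,422480 00:00]
[8] [476233] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [2022-09-18T19:25:11,585556 00:00]
[7] [544366] [ts/0] [centos  ] [pts/0       ] [92.46.127.82        ] [92.46.127.82   ] [2022-09-19T04:59:51,304439 00:00]
EOF
}

# Demo with "now" fixed at 2022-09-19T19:00:00Z: the 18:44:12 record falls
# outside the window, the other two are printed.
sample_lines | last_24h 1663614000

# Real use: utmpdump /var/log/wtmp* | last_24h
```

Unlike an awk range pattern, this tests every line on its own, so all records inside the window are kept even when several rotated wtmp files are dumped out of order.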