extract a logs before one hour from log file

Question

I am trying to grep logs before 1 hour

like this:-

grep "$(date --date='1 hour ago +%H') /var/log/oss.log | grep "MTS" > oss.new.log

But its searching for "04" in log and my output like this

frwY01jtaX 00:04:46,739 ERROR SiteDetectionUtil:47 MTS 
OlvYM6czmz 00:04:54,348 ERROR SiteDetectionUtil:47 MTS 
5iUr2l1LNv 01:04:40,764 ERROR SiteDetectionUtil:47 MTS
EZ35Xum6eG 02:04:10,328 ERROR SiteDetectionUtil:47 MTS
pCxbg584le 02:04:21,236 ERROR SiteDetectionUtil:47 MTS
K3rPlPgIpb 03:04:50,529 ERROR SiteDetectionUtil:47 MTS
rRz4IW94mB 03:04:55,728 ERROR SiteDetectionUtil:47 MTS
Ir91iBSCUc 04:00:05,571 ERROR SiteDetectionUtil:47 MTS
jp00Sfavl5 04:00:15,489 ERROR SiteDetectionUtil:47 MTS
Ks5w1eP90F 04:00:40,794 ERROR SiteDetectionUtil:47 MTS

Its matches 04 in every hour.

I only need below output

Ir91iBSCUc 04:00:05,571 ERROR SiteDetectionUtil:47 MTS
jp00Sfavl5 04:00:15,489 ERROR SiteDetectionUtil:47 MTS
Ks5w1eP90F 04:00:40,794 ERROR SiteDetectionUtil:47 MTS
jkljkfhknk 04:00:41,768 ERROR SiteDetectionUtil:47 MTS

only 04 hour logs

Please help me...

score 1 · Accepted Answer · answered Jul 16 '13 at 06:14

1

You can try this,

grep " $(date --date='1 hour ago' '+%H').*MTS" /var/log/oss.log > oss.new.log

Or

grep "\s$(date --date='1 hour ago' '+%H').*MTS" /var/log/oss.log > oss.new.log

answered Jul 16 '13 at 06:14

sat

14,589
7
46
65

score 0 · Answer 2 · answered Jul 16 '13 at 06:14

0

Add a space before and a ":" after to your grep part . eg grep 04: should be the output of your date command

answered Jul 16 '13 at 06:14

DhruvPathak

42,059
16
116
175

extract a logs before one hour from log file

2 Answers2