0

I'm trying to get a certain timestamps (in my case every 15 minute) in logfile using sed command in bash scripting.

My question is, can I replace the hours in the command with a variable?

This is script that I want:

#!/bin/bash

hour=`date +%H` #Current Hours e.g 14:00

sed -n '/$hour:15:00/,/$hour:30:00/p' file.log | nice grep Event

The result will print the logfile from 14:15:00 until 14:30:00. But there's a problem when the range is from 45 minute to 60 minute which is 14:45 - 15:00. Is there any solution for this?

UPDATE

This issue is already solved, the command below work for me.

sed -n "/${hour}:15:00/,/${hour}:30:00/p" file.log | nice grep Event

Other reference: Replace a string in shell script using a variable

Thank you.

== Case closed ==

Community
  • 1
  • 1
groovybear
  • 3
  • 5
  • Why do you want to change your log file? – GMichael May 23 '16 at 06:21
  • @Michael: I think he's trying to select from the log file in 15-minute increments, rather than trying to edit it. – Jonathan Leffler May 23 '16 at 06:25
  • 1
    You should show a few lines of the log file (or at least, the date/time portion of it, plus a few extra fields). One issue you should be aware of is that `sed` will do literal matches. If there was no logged event at 14:15:00 (for example, if there was one at 14:14:59 and the next was at 14:15:01) then the start of the range will never match. Similarly with the end of the range. You might do better with `awk`. Do you ever have to scan around the end of a day (23:45 - 24:00)? – Jonathan Leffler May 23 '16 at 06:28
  • The succinct answer to your direct question "can I replace the hours in the command with a variable" is "yes — of course". There are lots of issues to be resolved, but the basic answer is undoubtedly "yes". However, determining what values the variables should be set to, and deciding which tool should be used to do the extraction is not wholly obvious. If the process is run at 23:35, should be it be looking for the entries 23:15-23:30 by default, overrideable on the command line? Could there ever be circumstances in which you want to specify a period longer than 15 minutes? Etc. – Jonathan Leffler May 23 '16 at 06:32
  • Suppose current time is `12:05`. So you want to print logs between `12:00` to `12:15` or `11:45` to `12:00`? – anishsane May 23 '16 at 06:43
  • 1
    This is not the answer to your question, I am just trying to help. Aren't you looking for a continuous search in your log file as it is created by other program? I.e. something like `tail -f file.log | grep Event`?. – Marian May 23 '16 at 06:44
  • @marian: Also recommend using `--line-buffered` for grep... – anishsane May 23 '16 at 06:51
  • to be honest, this is a continuation of my previous thread (http://stackoverflow.com/questions/37246899/how-to-capture-running-log-using-bash-script). I'm trying to get the certain parameter in the logfile every 15 minute, count it and store to another file. I'll put the script in the cronjob later. – groovybear May 23 '16 at 07:11
  • @JonathanLeffler I'll run the script every 15 minutes using cronjob (0,15,30,45 * * * * /path/script.sh) so if the current time is 12:17 (in interval 15-30) the script will print the log between 12:00 to 12:15 from running log and so on. but if the current time is 12:05 (in interval the script will print the log between 00-15) the script will print the log between 11:45 to 12:00 from previous log or one-hour before log. – groovybear May 27 '16 at 03:50
  • Until there's some sample lines of the log file, I'm unwilling to answer. I'd probably go with an Awk (or Perl, or Python) solution, because they can deal with generating the time range more simply than trying to do so in shell (though the Awk in use would need to be GNU Awk for sanity — it has date/time manipulation support built-in). Doing it in shell requires a sophisticated `date` command (GNU or BSD/Mac OS X versions count, but are radically different from each other) and some mental gymnastics (some of which are required with Awk, Perl, Python too). – Jonathan Leffler May 27 '16 at 16:01

1 Answers1

0

Well, to answer the question - yes, you would take the variable out of the quotes and then it should use the value:

sed -n '/'$hour:15:00/,/'$hour':30:00/p' file.log | nice grep Event

You could also just use double quotes around the expression

sed -n "/${hour}:15:00/,/${hour}:30:00/p" file.log | nice grep Event
Stefan Hegny
  • 2,107
  • 4
  • 23
  • 26