1

I have two log files namely, Log1.log and Log2.log each containing following data.

Log1.log:
Apr 10 02:07:20  Data 1
May 10 04:11:09  Data 2
June 11 06:22:35  Data 3
Aug 12 09:08:07  Data 4

Log2.log
Apr 10 09:07:20  Data 1
Apr 10 10:07:10  Data 2
Jul 11 11:07:30  Data 3
Aug 18 12:50:40  Data 4

What command I can use to get the data between Apr 10 02:07:20 to Aug 18 12:50:40.

I have used 

$ awk -v start=01:06:04 -v stop=01:07:16 'start <= $3 && $3 <= stop' Log1.log Log2.log

I have also used

awk -v StartTime="$StartTime" -v EndTime="$EndTime" -f script.sh Log1.log Log2.log

where script.sh contains,

BEGIN { Keep = 0;}
{
if($3 >= StartTime)
{
    keep = 1;
}
if ($3 > EndTime) 
{
    exit;
}

if(keep)
{ 
     print;
}

}

I am not getting the desired result. Can someone help me in improving me answer?Thanks in advance

Vedh
  • 93
  • 1
  • 10

1 Answers1

0

I would first use sort to sort the input. Then I would use sed to extract that range:

LC_TIME=C sort -t' ' -k1,1M -k2,3n 1.log 2.log \
    | sed -n '/Apr 10 02:07:20/,/Aug 18 12:50:40/p'

Btw, it is not fully clear to me if you want to exclude or include the range borders. The above example includes them, the below example excludes them:

LC_TIME=C sort -t' ' -k1,1M -k2,3n 1.log 2.log \
    | sed -n  '/Apr 10 02:07:20/,/Aug 12 09:08:07/{/Apr 10 02:07:20/!{/Aug 12 09:08:07/!p}}

At least GNU sed allows to simplify the latter command to:

LC_TIME=C sort -t' ' -k1,1M -k2,3n 1.log 2.log \
    | sed -n  '/Apr 10 02:07:20/,/Aug 12 09:08:07/{//!p}'
hek2mgl
  • 152,036
  • 28
  • 249
  • 266
  • Thanks for the answer. I am a beginner, still I have some doubts.May I know why `LC_TIME=C` is used?is the code is a single line or first i should execute the first line and then the sed command.? – Vedh Jun 21 '16 at 10:08
  • (1) `LC_TIME=C` is required for the the (simplified) `sort -M` command. `-M` means *month sort*. To sort the months in the log file correctly we enforce an English locale (since the names a re English in the log file). When I execute the sort command for example on my German system it will not work correctly without `LC_TIME=C`. – hek2mgl Jun 21 '16 at 10:21
  • (2) The command is a single line. The backslash in bash (used as the last(!) character in a line) can be used to spread a single line command across multiple lines. This is just for readability. – hek2mgl Jun 21 '16 at 10:22
  • Actually I am using GIT Bash. I am getting for `sort`should the file name to be specified before sort? – Vedh Jun 21 '16 at 11:00
  • @Iniyan Thnks for the answer. How to specify the files which I am using. – Vedh Jun 21 '16 at 11:01
  • @Vishwaroopa Can you elaborate? I don't get that. – hek2mgl Jun 21 '16 at 11:08
  • I've double checked that the `-M` option is not a GNU extension. Regarless of your system it should work. – hek2mgl Jun 21 '16 at 11:34
  • understood your code now. suppose if my endtime is Jun 10 00:00:00(which is not in the log) how can I stop it to the nearest date? that is, May 10 04;11:09. Same for the startime. how can i start from the nearest date if the specified date is not present in the log? – Vedh Jun 22 '16 at 05:26
  • Also I have one more doubt. Can I divide the result into two parts? that is, Log1 data : and Log 2 data: is that possible? – Vedh Jun 22 '16 at 05:31
  • If you want that, you need to sort the files separately and process them in a loop – hek2mgl Jun 22 '16 at 07:57
  • is there any option to subdivide my result into two parts? that is, log file1 and log file 2? – Vedh Jun 22 '16 at 09:52
  • Just execute the command twice. Once for 1.log once for 2.log – hek2mgl Jun 22 '16 at 10:02
  • if my endtime is Jun 10 00:00:00(which is not in the log) how can I stop it to the nearest date? that is, May 10 04;11:09. Same for the startime. how can i start from the nearest date if the specified date is not present in the log?Is that possible? – Vedh Jun 23 '16 at 05:11