0

I am trying to pull any logs that are 10 minutes from date or newer. I don't want anything older than 10 minutes but i still want log entries that are 1,2... 9 minutes old.

I'm trying to use sed but it's not working as i would like. It seems to only pull logs that were from 10 minutes ago and not including every log entry between.

sed -n "/^$(date --date='10 minutes ago' '+%d %b %Y %T')/,\$p" test.log

Any help would be appreciated!

Same log file:

07 Aug 2017 22:57:33,099  Error - Could not connect 
07 Aug 2017 22:57:33,256  Error - Could not connect 
07 Aug 2017 22:57:33,256  INFO -  schema updated 
07 Aug 2017 22:57:33,485  INFO -  schema updated

Thanks

connollyc4
  • 155
  • 1
  • 3
  • 15
  • 4
    Show a sample line from your log file. – Kaushik Nayak Aug 02 '17 at 05:41
  • If this is systemd based, you can configure the system to have rsyslog write to the master log files and use Journalctl to view messages between two time periods. – Raman Sailopal Aug 02 '17 at 08:04
  • Your sed looks fine, so hard to debug w/o sample input. Similar would be `grep -A4294967295 $(date --date='10 minutes ago' '+%d %b %Y %T') test.log` – stevesliva Aug 02 '17 at 14:46
  • Please add some example lines from your log file. a few you want to keep and a few you want to skip. – Lars Fischer Aug 05 '17 at 12:37
  • Hi @LarsFischer I added sample of my log file. My sed is only looking at 10 minutes ago rather than the last 10 minutes. – connollyc4 Aug 08 '17 at 03:35
  • If you're concerned about performance (ie. not just not *emitting* contents before the desired time period but not *reading* them at all), this will call for a significantly different solution (one that uses `seek()` calls to bisect through your input file). – Charles Duffy Aug 08 '17 at 19:24
  • Also, this is a **really** badly-designed log format. If dates were in a format where their ASCII sort order corresponded with their time (for instance, ISO-8601 format: `2017-08-07T22:57:33,113136000`), then you could use non-date-aware tools to efficiently extract a desired range. See for instance https://github.com/pts/pts-line-bisect – Charles Duffy Aug 08 '17 at 19:29

0 Answers0