How to count duplicate log entries

Question

I want to analyse a log file and count recurring log entries.

I saw this answer, but every log entry is unique because of the time stamp.

If the log entry is of the format

Time stamp: [log message]

How do I remove the start of the line up to the [colon][space] so I can count them? I am guessing a sed command might do it?

[edit]

Sadly that was an over simplification on my part of the log. Example of log;

Jun 27 20:39:26 emonpi systemd[1]: Starting Clean php session files...
Jun 27 20:39:26 emonpi systemd[1]: Started Clean php session files.
Jun 27 21:09:25 emonpi systemd[1]: Starting Clean php session files...
Jun 27 21:09:26 emonpi systemd[1]: Started Clean php session files.

where the unique element to search on would be the first : (colon space).

I want this to count each of these messages in the log file.

Answer 1

Assuming every log message is within square brackets and the name of the file is "file.log", this will give you the desired output:

grep -E -o '\[.+?\].*' file.log | sort | uniq -c.

For future use cases, I recommend you familiarise yourself with regular expressions. They are very helpful.

Answer 2

Thanks to @pyromonk who pointed me in the right direction.

grep -E -o  ':\s.*' syslog | sort -nr | uniq -cd

did what I needed. As not all messages are formatted the same I needed to run this with several different regex.

What I learnt is that the -o part of the grep sends on the matched part of the line to the sort and count. The output did not come out as an ordered list but did count the unique log messages.