2

The logs are in the format:

2018-06-25 00:00:20,073 DEBUG SAMPLE TEXT CONTENT
2018-06-26 00:00:20,073 ERROR SAMPLE TEXT CONTENT
2018-06-26 17:37:20,073 ERROR SAMPLE TEXT CONTENT
2018-06-26 19:00:20,073 DEBUG SAMPLE TEXT CONTENT
2018-06-27 00:00:20,073 DEBUG SAMPLE TEXT CONTENT
2018-06-28 00:00:20,073 ERROR SAMPLE TEXT CONTENT
2018-06-29 00:00:20,073 ERROR SAMPLE TEXT CONTENT
2018-06-30 00:00:20,073 DEBUG SAMPLE TEXT CONTENT
2018-07-01 11:00:20,073 ERROR SAMPLE TEXT CONTENT
2018-07-02 02:00:20,073 DEBUG SAMPLE TEXT CONTENT
2018-07-02 00:00:20,073 ERROR SAMPLE TEXT CONTENT
2018-07-03 20:00:20,073 ERROR SAMPLE TEXT CONTENT

I want to find and display all the logs between 2 dates (suppose 2018-06-26 to 2018-07-02) which have the word ERROR in it. I am gonna take the dates in dynamically so they will be variables $FROM and $TO.

Any grep, awk or sed implementation will do

EDIT: Both the $TO and $FROM dates should be inclusive and might need to access multiple log files so the logs may not be sorted

Improve this question
1
  • Should the errors that occur on $TO be included or not? Commented Jun 25, 2018 at 16:35

4 Answers 4

Reset to default
3

awk, using -v option to pass shell variables into awk variables:

$ awk -v from="$FROM" -v to="$TO" 'from <= $1 && $1 <= to && /ERROR/' log.txt
2018-06-26 00:00:20,073 ERROR SAMPLE TEXT CONTENT
2018-06-26 17:37:20,073 ERROR SAMPLE TEXT CONTENT
2018-06-28 00:00:20,073 ERROR SAMPLE TEXT CONTENT
2018-06-29 00:00:20,073 ERROR SAMPLE TEXT CONTENT
2018-07-01 11:00:20,073 ERROR SAMPLE TEXT CONTENT
2018-07-02 00:00:20,073 ERROR SAMPLE TEXT CONTENT
Improve this answer
0
1

Using AWK:

awk '/'$FROM'/,/'$TO'/ {print $0}' log.txt | grep ERROR

Using sed:

sed -n '/'$FROM'/,/'$TO'/p' log.txt | grep ERROR
Improve this answer
6
  • Nice one. Works only when the log is sorted by date. This will be the case most of the times, but maybe worth mentioning. Commented Jun 25, 2018 at 12:41
  • @RoVo log file will have a date sorted by default. Commented Jun 25, 2018 at 13:06
  • Yes. This is what I said. But maybe other people have another use case and think this answer is valid for them too, so it might be worth mentioning. Commented Jun 25, 2018 at 13:08
  • This does not include error from the $TO day. @Pratik, is this a problem? Commented Jun 25, 2018 at 14:48
  • @SivaPrasath I need look at multiple files and since they are compressed at different times the logs might not always be sorted so I think I need something that work on an unsorted file too Commented Jun 26, 2018 at 6:27
1

Simple yet effective;

egrep '2018-06-26|2018-07-02' log file | grep "ERROR"

Improve this answer
0

Loop the dates (via):

FROM=2018-06-26
TO=2018-07-02
d=$FROM
while [ $d != $TO ]; do 
  grep "^${d}.*ERROR" logfile
  d=$(date -I -d "$d + 1 day")
done
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.