E Mon Oct 06 00:17:08 2008 xxx2 cm:10614 fm_pi2_svc_iptv_purchase.c:149 1:pin_deferred_act:10601:11:169:1223245028:16
pi2_op_svc_iptv_purchase error
<location=PIN_ERRLOC_FM:5 class=PIN_ERRCLASS_SYSTEM_DETERMINATE:1 errno=PIN_ERR_NOT_FOUND:3>
D Mon Oct 06 00:42:26 2008 xxx2 cm:10611 fm_pi2_mov_wal_change.c:341 1:xxxxapp2:pin_deferred_act:10601:2:169:1223246545:104
WAL_PRODUCT_CHANGE input flist
D Mon Oct 06 00:42:26 2008 xxxxapp2 cm:10611 fm_pi2_mov_wal_change.c:341 1:xxxxapp2:pin_deferred_act:10601:2:169:1223246545:104
WAL_PRODUCT_CHANGE input flist
E Mon Oct 06 00:17:08 2008 xxxxapp2 cm:10614 fm_pi2_svc_iptv_purchase.c:149 1:xxxxapp2:pin_deferred_act:10601:11:169:1223245028:16
pi2_op_svc_iptv_purchase error
<location=PIN_ERRLOC_FM:5 class=PIN_ERRCLASS_SYSTEM_DETERMINATE:1 errno=PIN_ERR_NOT_FOUND:3>
<location=PIN_ERRLOC_FM:5 class=PIN_ERRCLASS_SYSTEM_DETERMINATE:1 errno=PIN_ERR_NOT_FOUND:3>
<location=PIN_ERRLOC_FM:5 class=PIN_ERRCLASS_SYSTEM_DETERMINATE:1 errno=PIN_ERR_NOT_FOUND:3>
D Mon Oct 06 00:17:08 2008 xxxxapp2 cm:10614 fm_pi2_svc_iptv_purchase.c:149 1:xxxxapp2:pin_deferred_act:10601:11:169:1223245028:16
XXXXXXXXXXXXX
I need to filter this log file based on the process id which is marked as bold.
if i am giving 10614 as a input parameter it should show only the logs of that process id like this :
E Mon Oct 06 00:17:08 2008 xxx2 cm:10614 fm_pi2_svc_iptv_purchase.c:149 1:pin_deferred_act:10601:11:169:1223245028:16
pi2_op_svc_iptv_purchase error
<location=PIN_ERRLOC_FM:5 class=PIN_ERRCLASS_SYSTEM_DETERMINATE:1 errno=PIN_ERR_NOT_FOUND:3>
E Mon Oct 06 00:17:08 2008 xxxxapp2 cm:10614 fm_pi2_svc_iptv_purchase.c:149 1:xxxxapp2:pin_deferred_act:10601:11:169:1223245028:16
pi2_op_svc_iptv_purchase error
<location=PIN_ERRLOC_FM:5 class=PIN_ERRCLASS_SYSTEM_DETERMINATE:1 errno=PIN_ERR_NOT_FOUND:3>
<location=PIN_ERRLOC_FM:5 class=PIN_ERRCLASS_SYSTEM_DETERMINATE:1 errno=PIN_ERR_NOT_FOUND:3>
<location=PIN_ERRLOC_FM:5 class=PIN_ERRCLASS_SYSTEM_DETERMINATE:1 errno=PIN_ERR_NOT_FOUND:3>
D Mon Oct 06 00:17:08 2008 xxxxapp2 cm:10614 fm_pi2_svc_iptv_purchase.c:149 1:xxxxapp2:pin_deferred_act:10601:11:169:1223245028:16
XXXXXXXXXXXXX
var=value assigns a value to a variable var accessible inside the AWK code.
So id=123 is the desired id to be passed to the program.
Following the code logic we have:
Construct the logical record (r) by concatenating all the records seen so far:
record r -> if record is not empty: r ? -> add a record separator (RS, newline by default) and the current record ($0): r RS $0, else (record is empty, it's the first access -> assign the value of the current record: : $0
This is the meaning of the following expression:
{ r = r ? r RS $0 : $0 }
Check if the current record matches the pattern "cm:" followed by the value of the variable id (see above): $0 ~ "cm:" id. If the test returns true, auto increment the value of the variable f (f for flag, marker): { f++ }.
$0 ~ "cm:" id { f++ }
If the current record does not match the pattern [1] : the line does not begin with a blank character (tab or space), these are your E, D etc records, do the following:
check if the value of the variable f in Boolean context returns true (is not an empty string or has a numeric value 0): if it's true (not 0, see 2. above), this logical record contains our id, so we print it: print r.
reset the r and the f variables, we will initialize them after if needed.
!/^[\t ]/ {
if (f) print r
r = f = 0
}
After reading the entire input check if we have something to print.
This is because of the build (r) -> set (f) -> check after (!/[2]/) logic:
we print the previous when we reach the current. So without the END block we may miss the last one.