Calculate packet in/out interval script

Hello

I'm trying to find interval for packet IN/OUT for a gateway.

log looks like:

02.12.2011 16.28.29:200 PDU  IN CI:424 TRID:200 ID:N/A EID:N/A EX:N/A PDU:0000001f0000000100000000000000c874746f700074746f70000034010100
02.12.2011 16.28.29:228 PDU  OU CI:424 TRID:200 ID:N/A EID:N/A EX:ACK PDU:000000168000000100000000000000c8000210000134

I 've wrote below script to print out PDU IN/OUT timestamps based on combination of "CID"&"TRID" so I can find if delay took place.

#!/bin/sh
#get all combination of TRID, CID
nawk -v v=200202 '{if(match($5,v))print $5 " "$6}' $LOG | uniq > $OUTPUT
#find PDU IN,OU that match above combination TRID,CID
while read line 
do
grep -w "`echo $line`" $LOG | nawk -v v="$line" '{
if($4=="IN") printf"%s in: %s ",v,$2;
if($4=="OU") printf"out: %s\n",$2; 
}'
done < $OUTPUT

Output looks as below:

CI:200202 TRID:273111253 in: 20.30.19:760 out: 20.30.19:775
CI:200202 TRID:273111269 in: 20.30.20:400 out: 20.30.20:402
CI:200202 TRID:273111278 in: 20.30.20:400 out: 20.30.20:415
CI:200202 TRID:273111269 in: 20.30.20:400 out: 20.30.20:402
CI:200202 TRID:273111278 in: 20.30.20:400 out: 20.30.20:415

Is there someway to merge above 2 nawk statement into 1 nawk command.

in other words how can I find a certain field "TRID" and then get all matched rows in one nawk command.

So sorry for long thread description.

Best Regards

Try this:

nawk -v v=200202 -F '[: ]*' '
  $7==v&&$5=="IN" { I[$9]=$2":"$3}
  $7==v&&$5=="OU" { O[$9]=$2":"$3}
  END {for(t in O) print "CI:"v " TRID:"t " in: "I[t] " out: "O[t] }' infile

Many thanks for reply.

Would you please let me know what would be FS when we type:

-F '[: ]*' '

Best Regards

it means,when fs matches the ':' and/or 'space' repeated as many times then produce(split filelds as that) it
so this can be like these

':' single colon
' ' single space
'    ' multiple spaces
'::::' multiple colons
'   :: :   :  '  multiple spaces and colons in random places

regards
ygemici