Ok sorry, lets see if I can clarify from the following log sample:
qtp111659197-5776 - 05-26@09:37:34:240 INFO (TimingInfoProxy.java:41) - com.mycompany.api.ApiHandler-0>getUniqueDataBySource(data,{"has_values":false,"last_event_triggered":"","user_info":{"username":"alan@companyA.com","orgid":"69d467a7-9786-47e1-9c12-bb40f9bfc65d","ip":"127.0.0.1"},"date_range":{"min_date":"","start_date":"","end_date":"","trending_start_date":"","trending_end_date":""},"terms":{"and_filtering":[]}},)
qtp111659197-5776 - 05-26@09:38:34:240 INFO (TimingInfoProxy.java:41) - com.mycompany.api.ApiHandler-0>getUniqueDataBySource(data,{"has_values":false,"last_event_triggered":"","user_info":{"username":"alan@companyA.com","orgid":"69d467a7-9786-47e1-9c12-bb40f9bfc65d","ip":"127.0.0.1"},"date_range":{"min_date":"","start_date":"","end_date":"","trending_start_date":"","trending_end_date":""},"terms":{"and_filtering":[]}},)
qtp111659197-5776 - 05-26@09:39:34:240 INFO (TimingInfoProxy.java:41) - com.mycompany.api.ApiHandler-0>getUniqueDataBySource(data,{"has_values":false,"last_event_triggered":"","user_info":{"username":"bryan@companyB.com","orgid":"69d467a7-9786-47e1-9c12-bb40f9bfc65d","ip":"127.0.0.1"},"date_range":{"min_date":"","start_date":"","end_date":"","trending_start_date":"","trending_end_date":""},"terms":{"and_filtering":[]}},)
qtp111659197-5776 - 05-26@09:40:34:240 INFO (TimingInfoProxy.java:41) - com.mycompany.api.ApiHandler-0>getUniqueDataBySource(data,{"has_values":false,"last_event_triggered":"","user_info":{"username":"carl@companyA.com","orgid":"69d467a7-9786-47e1-9c12-bb40f9bfc65d","ip":"127.0.0.1"},"date_range":{"min_date":"","start_date":"","end_date":"","trending_start_date":"","trending_end_date":""},"terms":{"and_filtering":[]}},)
qtp111659197-5776 - 05-26@09:41:34:240 INFO (TimingInfoProxy.java:41) - com.mycompany.api.ApiHandler-0>getUniqueDataBySource(data,{"has_values":false,"last_event_triggered":"","user_info":{"username":"dan@companyB.com","orgid":"69d467a7-9786-47e1-9c12-bb40f9bfc65d","ip":"127.0.0.1"},"date_range":{"min_date":"","start_date":"","end_date":"","trending_start_date":"","trending_end_date":""},"terms":{"and_filtering":[]}},)
qtp111659197-5776 - 05-27@09:37:34:240 INFO (TimingInfoProxy.java:41) - com.mycompany.api.ApiHandler-0>getUniqueDataBySource(data,{"has_values":false,"last_event_triggered":"","user_info":{"username":"alan@companyA.com","orgid":"69d467a7-9786-47e1-9c12-bb40f9bfc65d","ip":"127.0.0.1"},"date_range":{"min_date":"","start_date":"","end_date":"","trending_start_date":"","trending_end_date":""},"terms":{"and_filtering":[]}},)
qtp111659197-5776 - 05-27@09:38:34:240 INFO (TimingInfoProxy.java:41) - com.mycompany.api.ApiHandler-0>getUniqueDataBySource(data,{"has_values":false,"last_event_triggered":"","user_info":{"username":"bryan@companyB.com","orgid":"69d467a7-9786-47e1-9c12-bb40f9bfc65d","ip":"127.0.0.1"},"date_range":{"min_date":"","start_date":"","end_date":"","trending_start_date":"","trending_end_date":""},"terms":{"and_filtering":[]}},)
qtp111659197-5776 - 05-27@09:39:34:240 INFO (TimingInfoProxy.java:41) - com.mycompany.api.ApiHandler-0>getUniqueDataBySource(data,{"has_values":false,"last_event_triggered":"","user_info":{"username":"carl@companyA.com","orgid":"69d467a7-9786-47e1-9c12-bb40f9bfc65d","ip":"127.0.0.1"},"date_range":{"min_date":"","start_date":"","end_date":"","trending_start_date":"","trending_end_date":""},"terms":{"and_filtering":[]}},)
qtp111659197-5776 - 05-27@09:40:34:240 INFO (TimingInfoProxy.java:41) - com.mycompany.api.ApiHandler-0>getUniqueDataBySource(data,{"has_values":false,"last_event_triggered":"","user_info":{"username":"dan@companyB.com","orgid":"69d467a7-9786-47e1-9c12-bb40f9bfc65d","ip":"127.0.0.1"},"date_range":{"min_date":"","start_date":"","end_date":"","trending_start_date":"","trending_end_date":""},"terms":{"and_filtering":[]}},)
qtp111659197-5776 - 05-27@09:41:34:240 INFO (TimingInfoProxy.java:41) - com.mycompany.api.ApiHandler-0>getUniqueDataBySource(data,{"has_values":false,"last_event_triggered":"","user_info":{"username":"dan@companyB.com","orgid":"69d467a7-9786-47e1-9c12-bb40f9bfc65d","ip":"127.0.0.1"},"date_range":{"min_date":"","start_date":"","end_date":"","trending_start_date":"","trending_end_date":""},"terms":{"and_filtering":[]}},)
So basically I need to export his requirements into a spreadsheet. He wants to be able to see the data sorted first by organization, then by date, then user alphanumerically (within that organization), and finally the number of entries for that user for that specified date.
So for the first user with an entry in the sample log, alan@companyA.com, he had two log entries on 05-26 and one entry on 05-27. So output for just him would look like this:
companyA,05-26,alan,2
companyA,05-27,alan,1
And this is what it would look like for the entire 10 line sample log:
companyA,05-26,alan,2
companyA,05-26,carl,1
companyA,05-27,alan,1
companyA,05-27,carl,1
companyB,05-26,bryan,1
companyB,05-26,dan,1
companyB,05-27,bryan,1
companyB,05-27,dan,2
---------- Post updated at 03:32 PM ---------- Previous update was at 02:26 PM ----------
FWIW this seems to work:
awk '
match($0, /"username":"[^"]*"/) {
split($3, d, "@")
user = substr($0, RSTART + 12, RLENGTH - 17)
split(user, e, "@")
c[e[2] "," d[1] "," e[1]]++
}
END { for(i in c)
printf("" "%s,%d\n", i, c)
}' liquidgrids.log | sort -t, -k1,1 -k2,2 -k3,3
The way I got rid of the .com from the username was changing
RLENGTH - 13
into
RLENGTH - 17
Not sure if that's a proper way to go about this or if it would cause problems that I'm unaware of.