Hello
does anyone know of an awk that will extract log file entries between a specific date and time range, eg:
awk '/15\/Dec\/2010:16:10:00/, /15\/Dec\/2010:16:15:00/' access_log
but one that works?
Or a free command line log file analysis tool/script?
I'd like to be able to view date/time range on Apache logs/error logs as my VPS server has occasional loads that spike over 200 (yes, 200!).
Thanks.
you were very close. try something like this:
awk '/Sun Dec 19 02:/,/Sun Dec 19 04:/' << EOF
dont get this
Sun Dec 19 02:58:01 EST 2010
get this
Sun Dec 19 04:58:01 EST 2010
but not this.
EOF
Above won't work with apache2 log entries, but as quirkasaurus said you were real close.
The issue is that unless a logs for the exact times of 16:10:00 and 16:15:00 exist you don't get anything. The following will work as long as you get a log within the 16:10 and 16:15 minutes:
awk '/15\/Dec\/2010:16:10:/, /15\/Dec\/2010:16:15:/' access_log
But better is to just cover the range (works for situations like just having entries for the 16:12 minute range):
awk '$4>"[15/Dec/2010:16:10:" && $4<"[15/Dec/2010:16:15:99"' access_log