Display lines between timestamp

guddu_12 · July 22, 2016, 6:05am

Hi Gurus,

I have a software which logs event in the log file and it has become to big to search into it.

I want to display all the lines from the log files between

<Jul 21, 2016 3:30:37 PM BST> to <Jul 21, 2016 3:45:37 PM BST>

that is 15 min data .

Please help

zaxxon · July 22, 2016, 6:54am

What have you tried so far and please post a snippet of the log, 5-6 lines using code tags, thank you.

guddu_12 · July 22, 2016, 7:04am

hI

MY CODE is as below

 sed -n "/Jul 21, 2016 3:30:37 PM BST>/,/Jul 21, 2016 15:41:33/p" nodemanager.log

but didn't return any data

Sample data as below

<Jul 22, 2016 11:22:12 AM BST> <INFO> <1265706386:28759:ERR:ORA-06512: at "SYS.DBMS_STATS", line 23818>
<Jul 22, 2016 11:22:12 AM BST> <INFO> <1265706386:28759:ERR:ORA-06512: at "SYS.DBMS_STATS", line 23880>
<Jul 22, 2016 11:22:12 AM BST> <INFO> <1265706386:28759:ERR:ORA-06512: at line 2>
<Jul 22, 2016 11:22:12 AM BST> <INFO> <1265706386:28759:ERR:>
<Jul 22, 2016 11:22:12 AM BST> <INFO> <1265706386:28759:ERR:Failed query text:>
<Jul 22, 2016 11:22:12 AM BST> <INFO> <1265706386:28759:ERR:>
<Jul 22, 2016 11:22:12 AM BST> <INFO> <1265706386:28759:ERR:begin>

RudiC · July 22, 2016, 7:26am

Are you sure any of your search patterns will match any of the lines in your file, and correct to a dot? Sure that there's just one single space in front of the 3:30:37 ? Sure 15:41 exist when the AM/PM notation is used?

BTW, wasn't it possible to post a sample that matches (part of) the code snippet?

zaxxon · July 22, 2016, 7:31am

The statement is ok and should work if the patterns are part of the input file.
Just to make sure, can you please issue the following two commands:

grep -c "Jul 21, 2016 3:30:37 PM BST>" nodemanager.log

# and

grep -c "Jul 21, 2016 15:41:33" nodemanager.log

.. and post the numbers you get?

guddu_12 · July 22, 2016, 8:36am

Hi

It is not returning any data form grep

I wanted to to all the lines between time 3:30 to 3:41 because the event occured between those time and can't trace as can't read the log files.

RudiC · July 22, 2016, 9:15am

Anything from Jul 21 in there?

guddu_12 · July 22, 2016, 9:28am

hI

I ran search which should give clue for 21-july data which as below

 grep "ROOT_CAUSE" nodemanager.log

<Jul 21, 2016 3:40:46 PM BST> <INFO> <1265706386:28759:ERR:drop table ODIADMIN.C$_0DATA_UNDERLYING_ROOT_CAUSE purge >
<Jul 21, 2016 3:40:57 PM BST> <INFO> <1265706386:28759:ERR:drop table ODIADMIN.C$_0DATA_UNDERLYING_ROOT_CAUSE purge >
<Jul 21, 2016 3:40:58 PM BST> <INFO> <1265706386:28759:ERR:2016-07-21 15:40:58.591 ERROR ODI-1217 Session MAP_STG_DATA_UNDERLYING_ROOT_CAUSE_TIN (891071) fails with return code ODI-1298.>
<Jul 21, 2016 3:41:32 PM BST> <INFO> <1265706386:28759:ERR:2016-07-21 15:41:32.412 ERROR ODI-1134 Agent PDWOracleDIAgent_01 encountered an error: ODI-1217: Session MAP_STG_DATA_UNDERLYING_ROOT_CAUSE_TIN (891071) fails with return code ODI-1298. Caused by: ODI-1226: Step Physical_STEP fails after 1 attempt(s).>

You can see the 21-july data but i am still not getting data between 3:30 to 3:41.

above data shows the even occured at that time but i can't see the full text which spans 5 to 6 min

zaxxon · July 22, 2016, 9:40am

Ok, what happens if you issue:

sed -n '/Jul 21, 2016 3:40:46 PM BST/,/Jul 21, 2016 3:41:32 PM BST/p' nodemanager.log

?

RudiC · July 22, 2016, 9:41am

What be the result of

grep "Jul 21, 2016 3" nodemanager.log

and/or

grep "Jul 21, 2016 3:3" nodemanager.log

guddu_12 · July 22, 2016, 11:35am

Hi

This is working and sufficient for me

Many thanks