Grep last 30 minutes log only

I have below command, which i use for checking last two hours log file, but i want to check 30 minutes log and discard old log, only match current time with last 30 minutes. Command i am using. This below attach log file format is for this week, but sometime it got change in time of log, so i need to search on time base not on format base.

sed -n "/^$(date --date='2 hours ago' '+%b %d %H:')\\|^$(date --date='1 hours ago' '+%b %d %H:')/p"  logfile.txt

Attached File is for review.

Sep 29 03:21:02 server1 
Sep 29 03:31:02 server1 
Sep 29 04:21:02 server1 
Sep 29 04:31:02 server1 
Sep 29 05:21:02 server1 
Sep 29 05:31:02 server1 
Sep 29 06:21:02 server1 
Sep 29 06:31:02 server1 
Sep 29 13:21:02 server1 
Sep 29 13:31:02 server1 
Sep 29 14:21:02 server1 
Sep 29 14:31:02 server1 
Sep 29 15:21:02 server1 
Sep 29 15:31:02 server1 
Sep 29 16:21:02 server1 
Sep 29 16:31:02 server1 
Sep 29 17:21:02 server1 
Sep 29 17:31:02 server1 
Sep 30 03:21:02 server1 
Sep 30 03:31:02 server1 
Sep 30 04:21:02 server1 
Sep 30 04:31:02 server1 
Sep 30 05:21:02 server1 
Sep 30 05:31:02 server1 
Sep 30 06:21:02 server1 
Sep 30 06:31:02 server1 
Sep 30 13:21:02 server1 
Sep 30 13:31:02 server1 
Sep 30 14:21:02 server1 
Sep 30 14:31:02 server1 
Sep 30 15:21:02 server1 
Sep 30 15:31:02 server1 
Sep 30 16:21:02 server1 
Sep 30 16:31:02 server1 
Sep 30 17:21:02 server1 
Sep 30 17:31:02 server1
Oct  1 03:21:02 server1 
Oct  1 03:31:02 server1 
Oct  1 04:21:02 server1 
Oct  1 04:31:02 server1 
Oct  1 05:21:02 server1 
Oct  1 05:31:02 server1 
Oct  1 06:21:02 server1 
Oct  1 06:31:02 server1 
Oct  1 13:21:02 server1 
Oct  1 13:31:02 server1 
Oct  1 14:21:02 server1 
Oct  1 14:31:02 server1 
Oct  1 15:21:02 server1 
Oct  1 15:31:02 server1 
Oct  1 16:21:02 server1 
Oct  1 16:31:02 server1 
Oct  1 17:21:02 server1 
Oct  1 17:31:02 server1

Hi,
Your date command:

$ date --date='2 hours ago' '+%b %d %H:'
Oct 01 16:

Date you want:

$ date --date='30 minutes ago' '+%b %d %H:%M'
Oct 01 17:42

Regards.

I have tried below command but no luck.

for (( i = 30; i >=0; i-- )) ; do
     grep $(date +%R -d "-$i  min") log1 > newfile
done

---------- Post updated at 11:20 AM ---------- Previous update was at 11:16 AM ----------

Below command already tried but not working.


sed -n "/^$(date --date='30 minutes ago' '+%b %d %H:')\\|^$(date --date='0 minutes ago' '+%b %d %H:')/p" logfile.txt

Sorry,
The syntaxe would be:

sed -n "/^$(date --date='30 minutes ago' '+%b %d %H:%M')/,\$p" logfile.txt

But, if you have not log during this minute (%M),nothing print.
Regards.

Not working, not showing anything. I want last 30 minutes of log file wants to discard rest line.

Ok, I found error, it's date format:

$ date --date='30 minutes ago' '+%b %d %H:%M'
Oct 01 20:20

In log, not 01 but 1 (with space):
as like:

$ date --date='30 minutes ago' '+%b %_d %H:%M'
Oct  1 20:20

Regards.

2 Likes

awesome working now, able to complete script.