Hi All,
I have a log file where every line contains a date and some other data, i want to grep only the date from every line to a different file.
Please help how to get this.
Thanks in advance !!
What format is the date in? If it's dd-mm-yyyy, a crude way is to do this:
grep -o "[0-9]\{2\}-[0-9]\{2\}-[0-9]\{4\}"
1 Like
Hey Bala,
Thanks for helping,
date format in my log is " mm/dd/yyyy "
using your grep command, i think the same command will work
grep -o "[0-9]\{2\}-[0-9]\{2\}-[0-9]\{4\}"
pl suggest.
many Thanks !!
Here your answer
grep -o "[0-9]\{2\}/[0-9]\{2\}/[0-9]\{4\}"
1 Like
thank you so much... will test and get back to you ..
---------- Post updated at 06:14 AM ---------- Previous update was at 06:01 AM ----------
Hey bala there is an error,
grep: illegal option -- o
Usage: grep -hblcnsviw pattern file . . .
My OS is Solaris 10
---------- Post updated at 06:27 AM ---------- Previous update was at 06:14 AM ----------
correction to my question i need to print only dates in the line
Show sample of your log file
Server1111 I will be changing the characterset used by the O08FTM2 database. mail by alan stanke (Expire: 01/21/2014)
Server2222 From: Windows_L1 (Expire: 01/17/2014)
server3201 From: Windows_L1 (Expire: 01/17/2014)
server3206 From: Windows_L1 (Expire: 01/17/2014)
server3205 From: Windows_L1 (Expire: 01/17/2014)
server3204 From: Windows_L1 (Expire: 01/17/2014)
server1022 Got Cannot Pings after removing from MM after cleanup activity (Expire: 01/19/2014)
server1013 Got Cannot Pings after removing from MM after cleanup activity (Expire: 01/19/2014)
these are few rows of my log, i need to print only the date
One form many possible ways :
awk '/\(Expire:.*\)$/ {sub(")","",$NF);print $NF}' file
Produces:
01/21/2014
01/17/2014
01/17/2014
01/17/2014
01/17/2014
01/17/2014
01/19/2014
01/19/2014
1 Like
Thanks again Bala. Will check and get back to you
Some more possibilities
$ cat file
Server1111 I will be changing the characterset used by the O08FTM2 database. mail by alan stanke (Expire: 01/21/2014)
Server2222 From: Windows_L1 (Expire: 01/17/2014)
server3201 From: Windows_L1 (Expire: 01/17/2014)
server3206 From: Windows_L1 (Expire: 01/17/2014)
server3205 From: Windows_L1 (Expire: 01/17/2014)
server3204 From: Windows_L1 (Expire: 01/17/2014)
server1022 Got Cannot Pings after removing from MM after cleanup activity (Expire: 01/19/2014)
server1013 Got Cannot Pings after removing from MM after cleanup activity (Expire: 01/19/2014)
$ awk 'match($0,/[0-9]+\/[0-9]+\/[0-9]+/){print substr($0,RSTART,RLENGTH)}' file
01/21/2014
01/17/2014
01/17/2014
01/17/2014
01/17/2014
01/17/2014
01/19/2014
01/19/2014
if you have gawk try this
$ awk --re-interval 'match($0,/([[:digit:]]{2}\/){2}[[:digit:]]{4}/,m){print m[0]}' file
01/21/2014
01/17/2014
01/17/2014
01/17/2014
01/17/2014
01/17/2014
01/19/2014
01/19/2014
1 Like
i get an error on all the above commands, it says
awk: syntax error near line1
awk: bailing out near line 1
Please help
use nawk if you are on sunos/solaris
1 Like
Awesome Akshay .. it worked,.. many thanks....
---------- Post updated at 01:14 PM ---------- Previous update was at 11:15 AM ----------
Hey Akshay i have one more doubt.. can we check every line and print the line only if date is there inthat line.. as I see lot of other stuff like " _ ::::::: etc..... Some other lines not having date...
Please help
Thanks in advance. ...
I think code which I posted will be printing the same until your real data is like sample which you posted, match will be true if pattern is found, if your real data is different let us know, and please do post the same.
Hey akshay,
The code u gave is working perfectly for the sample date i gave, but in my data i found some special characters, other lines which i dont need. like the below 2 lines.
"mm_out.11:35
::::::::::::
"
So i thought, it would be better if the command identifies the date & should print servername and date only. so that i will
If date is not present in the line it should ignore the line.
mm_out.11:35
::::::::::::
Server1111 I will be changing the characterset used by the O08FTM2 database. mail by alan stanke (Expire: 01/21/2014)
Server2222 From: Windows_L1 (Expire: 01/17/2014)
server3201 From: Windows_L1 (Expire: 01/17/2014)
server3206 From: Windows_L1 (Expire: 01/17/2014)
server3205 From: Windows_L1 (Expire: 01/17/2014)
server3204 From: Windows_L1 (Expire: 01/17/2014)
server1022 Got Cannot Pings after removing from MM after cleanup activity (Expire: 01/19/2014)
server1013 Got Cannot Pings after removing from MM after cleanup activity (Expire: 01/19/2014)
Thanks in advance
It matches only date, if you are not showing real input we can't help, and if you need server name try
$ cat file
mm_out.11:35
::::::::::::
Server1111 I will be changing the characterset used by the O08FTM2 database. mail by alan stanke (Expire: 01/21/2014)
Server2222 From: Windows_L1 (Expire: 01/17/2014)
server3201 From: Windows_L1 (Expire: 01/17/2014)
server3206 From: Windows_L1 (Expire: 01/17/2014)
server3205 From: Windows_L1 (Expire: 01/17/2014)
server3204 From: Windows_L1 (Expire: 01/17/2014)
server1022 Got Cannot Pings after removing from MM after cleanup activity (Expire: 01/19/2014)
server1013 Got Cannot Pings after removing from MM after cleanup activity (Expire: 01/19/2014)
$ awk --re-interval 'match($0,/([[:digit:]]{2}\/){2}[[:digit:]]{4}/,m){print $1, m[0]}' file
Server1111 01/21/2014
Server2222 01/17/2014
server3201 01/17/2014
server3206 01/17/2014
server3205 01/17/2014
server3204 01/17/2014
server1022 01/19/2014
server1013 01/19/2014
1 Like
Hi Akshay,
below is the actual log file, i have used awk -F'; ' '{ print $1,$5 }' file and gave the previous log, as i need only those 2 fields, server name & date, If you could help me single command then there is no need for me to use the above command.
::::::::::::::
/tmp/maintenance_mode.out.2014-05-28_11:53:45.MCC
::::::::::::::
10.3.45.243; MCC; Wed Jul 10 17:19:57 EDT 2013; ; unknown (Expire: 07/13/2013); 1373491198
xnetang5; MCC; Fri May 23 18:28:19 EDT 2014; root; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
erver0124; MCC; Sat May 24 09:00:06 EDT 2014; AutoDeploy; AutoDeploy server reboot (Expire: 05/27/2014)
server0186; MCC; Fri May 23 18:29:34 EDT 2014; root; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
server1356; MCC; Fri May 23 18:29:34 EDT 2014; root; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
server2154; MCC; Fri May 23 18:26:27 EDT 2014; root; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
server0168; MCC; Fri May 23 18:28:19 EDT 2014; vinay; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
tstarg01; MCC; Fri May 23 18:28:19 EDT 2014; vinay; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
tstarg01; MCC; Fri May 23 18:28:19 EDT 2014; unknown; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
tstarg01; MCC; Fri May 23 18:28:19 EDT 2014; phani; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
Post what is expected output, did you try command posted in post #16 ?
1 Like
Expected output is servername and date like below
10.3.45.243 07/13/2013
xnetang5 05/23/2014
erver0124 05/27/2014
server0186 05/23/2014
server1356 05/23/2014
server2154 05/23/2014
server0168 05/23/2014
tstarg01 05/23/2014
tstarg01 05/23/2014
tstarg01 05/23/2014
it should not have any other lines,
---------- Post updated at 04:28 AM ---------- Previous update was at 04:27 AM ----------
for post16, here is the output
bash-3.00$ awk --re-interval 'match($0,/([[:digit:]]{2}\/){2}[[:digit:]]{4}/,m){print $1, m[0]}' dump1.log
awk: syntax error near line 1
awk: bailing out near line 1
Tried using nawk as well
bash-3.00$ nawk --re-interval 'match($0,/([[:digit:]]{2}\/){2}[[:digit:]]{4}/,m){print $1, m[0]}' dump1.log
nawk: unknown option --re-interval ignored
nawk: syntax error at source line 1
context is
>>> match($0,/([[:digit:]]{2}\/){2}[[:digit:]]{4}/, <<<
nawk: bailing out at source line 1
I already mentioned that gawk it will work, in post #10
$ cat file
::::::::::::::
/tmp/maintenance_mode.out.2014-05-28_11:53:45.MCC
::::::::::::::
10.3.45.243; MCC; Wed Jul 10 17:19:57 EDT 2013; ; unknown (Expire: 07/13/2013); 1373491198
xnetang5; MCC; Fri May 23 18:28:19 EDT 2014; root; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
erver0124; MCC; Sat May 24 09:00:06 EDT 2014; AutoDeploy; AutoDeploy server reboot (Expire: 05/27/2014)
server0186; MCC; Fri May 23 18:29:34 EDT 2014; root; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
server1356; MCC; Fri May 23 18:29:34 EDT 2014; root; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
server2154; MCC; Fri May 23 18:26:27 EDT 2014; root; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
server0168; MCC; Fri May 23 18:28:19 EDT 2014; vinay; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
tstarg01; MCC; Fri May 23 18:28:19 EDT 2014; vinay; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
tstarg01; MCC; Fri May 23 18:28:19 EDT 2014; unknown; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
tstarg01; MCC; Fri May 23 18:28:19 EDT 2014; phani; Step 7 - Tokyo DR Test (SR10756599) AVDU80 (Expire: 05/23/2014)
Reply With Quote
# Gawk
$ awk -F';' --re-interval 'match($0,/([[:digit:]]{2}\/){2}[[:digit:]]{4}/,m){ print $1, m[0]}' file
10.3.45.243 07/13/2013
xnetang5 05/23/2014
erver0124 05/27/2014
server0186 05/23/2014
server1356 05/23/2014
server2154 05/23/2014
server0168 05/23/2014
tstarg01 05/23/2014
tstarg01 05/23/2014
tstarg01 05/23/2014
# if you do not have gawk
$ awk -F';' 'match($0,/[0-9]+\/[0-9]+\/[0-9]+/){print $1,substr($0,RSTART,RLENGTH)}' file
10.3.45.243 07/13/2013
xnetang5 05/23/2014
erver0124 05/27/2014
server0186 05/23/2014
server1356 05/23/2014
server2154 05/23/2014
server0168 05/23/2014
tstarg01 05/23/2014
tstarg01 05/23/2014
tstarg01 05/23/2014
1 Like