Is there any way I can scan a log file in Linux so that the log file entries for the last 15 minutes can be searched for a particular pattern?
The log file entries are in the format below.
2014-01-27T23:08:53.924-0500 LDAP authentication error
2014-01-27T23:08:53.934-0500 LDAP authentication error
My intention is to send an email alert if there is any entry in this file for the pattern in the last 15 minutes.
Thanks,
Anand
Logic would be...
- Get current time
- subtract 15 minutes from time
- Convert it to the same format as the log entry: YYYY-01-27 and HH:MM.SS.ddd (you only need the HH:MM)
date --date="- 15 minutes"....depends on o/s...this works on bash
or
date +%Y-%m-%dT%H:%M --date="-15 minutes"
2014-21-05T16:21
- grep or awk the log file (using regular expression if need be)...
something to get you started
Hi,
The pattern is as below.
LDAP authentication error: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903AA
Thanks,
Anand
Hi,
From your replies I figured out this, but the problem is that the command will not output anything if there is no entry for the particular minute, i.e. 15 minutes before.
sed -n "/^$(date --date='15 minutes ago' '+%Y-%m-%dT%H:%M')/,\$p" "$ERROR_LOG"
Is there any way to fix this?
Thanks & regards:),
Anand
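Added example (not part of any post in this thread): rather than asking sed to find a line for the exact cutoff minute, compare each line's timestamp prefix with the cutoff as a string, which still works when that minute has no entries. The function names, the sample log lines and the mail recipient are constructed for illustration, and the comparison assumes every line carries the same UTC offset as the cutoff.

```shell
#!/bin/sh
# Added example; names and sample data are constructed, not from the thread.

# Print lines of log file $3 stamped at or after cutoff $1 (YYYY-MM-DDTHH:MM)
# that contain the fixed string $2 (no regex, so "[" needs no escaping).
# ISO 8601 timestamps sort lexicographically, so a plain string comparison
# selects "cutoff or later" even if no line exists for the cutoff minute.
# Assumption: all lines use the same UTC offset as the cutoff.
recent_matches() {
    CUTOFF="$1" PAT="$2" awk '
        $1 ~ /^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]T/ &&
        substr($1, 1, 16) >= ENVIRON["CUTOFF"] &&
        index($0, ENVIRON["PAT"])
    ' "$3"
}

# Cutoff for "15 minutes ago" (GNU date, same call as in the thread).
cutoff_15min() {
    date --date='15 minutes ago' '+%Y-%m-%dT%H:%M'
}

# Constructed sample log in the format shown in the question.
make_sample_log() {
    cat <<'EOF'
2014-01-27T22:40:10.101-0500 LDAP authentication error: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903AA
2014-01-27T22:58:02.500-0500 Connection pool refreshed
2014-01-27T23:08:53.924-0500 LDAP authentication error: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903AA
2014-01-27T23:08:53.934-0500 LDAP authentication error: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903AA
EOF
}

# Demo with a fixed cutoff that has no log line of its own (22:55).
# Live use: recent_matches "$(cutoff_15min)" 'LDAP: error code 49' "$ERROR_LOG"
sample=$(mktemp)
make_sample_log > "$sample"
hits=$(recent_matches '2014-01-27T22:55' 'LDAP: error code 49' "$sample")
if [ -n "$hits" ]; then
    # To alert, pipe instead into: mail -s "LDAP auth errors" admin@example.com
    printf '%s\n' "$hits"
fi
rm -f "$sample"
```

Run from cron every 15 minutes, this alerts once per window; the stale 22:40 entry in the sample is skipped even though it matches the pattern.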