I am trying to manipulate variables inside a variable
root@server [~]# hour=`date | awk {'print $4'} | cut -d: -f 1`;lasthour=`expr $hour - 01`; lasthour=`printf %02d $lasthour`;grep "`date -I` $lasthour" /var/log/exim_mainlog |egrep -o 'dovecot_login[^ ]+' | sort|uniq -c|sort -nk 1
8 dovecot_login:user1@domain.com
4 dovecot_login:user2@domain.com
The above prints output in two lines. When I take that to a variable and analyze each line, it becomes 4 lines. What I need is to check the count of each entry and output if count is more than a limit, say 5. So the below script should only display "8 dovecot_login:user1@domain.com"
root@server [~]# for i in $(hour=`date | awk {'print $4'} | cut -d: -f 1`;lasthour=`expr $hour - 01`; lasthour=`printf %02d $lasthour`;grep "`date -I` $lasthour" /var/log/exim_mainlog |egrep -o 'dovecot_login[^ ]+' | sort|uniq -c|sort -nk 1); do echo $i; done
8
dovecot_login:user1@domain.com
4
dovecot_login:user2@domain.com
I believe you're over-complicating the task with the use of so many tools - there could be a more graceful way to do all of it.
Please provide a sample of your /var/log/exim_mainlog file using code tags and a desired output with the explanation.
Also what happens for the midnight hour - hour 0?
I got it corrected. If the count is more than 3, it will display it.
hour=`date | awk {'print $4'} | cut -d: -f 1`;lasthour=`expr $hour - 01`; lasthour=`printf %02d $lasthour`;grep "`date -I` $lasthour" /var/log/exim_mainlog |egrep -o 'dovecot_login[^ ]+' | sort|uniq -c|sort -nk 1| while read login; do num=`echo $login | awk {'print $1'}`; if [ $num -gt 3 ]; then echo $login;fi ; done
4 dovecot_login:user1@domain.net
4 dovecot_login:user2@domain.com
11 dovecot_login:user3@domain.com
27 dovecot_login:user4@domain.ca
---------- Post updated at 07:48 PM ---------- Previous update was at 07:36 PM ----------
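I have corrected the midnight 00 issue. Here is the complete script:
#!/bin/sh
# Print dovecot_login users seen more than 3 times in the previous hour.
hour=`date | awk {'print $4'} | cut -d: -f 1`
day=`date -I`
if [ "$hour" = '00' ]; then
    # Midnight: the previous hour is 23 on the previous day.
    hour=24
    day=`date -I -d yesterday`
fi
lasthour=`expr $hour - 01`
lasthour=`printf %02d $lasthour`
grep "$day $lasthour" /var/log/exim_mainlog |egrep -o 'dovecot_login[^ ]+' | sort|uniq -c|sort -nk 1| while read login
do
    # First field of the uniq -c output is the count.
    num=`echo $login | awk {'print $1'}`
    if [ $num -gt 3 ]; then
        echo $login
    fi
done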
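An added example, not part of any post in this thread: the same hourly check done in a single awk pass, with the previous hour computed by epoch arithmetic so that midnight rolls back to 23 on the previous day. The function names and the sample log lines are constructed for illustration, and GNU date is assumed.

```shell
#!/bin/sh
# Added example (not from the thread): per-user dovecot_login counts for one
# hour of an exim main log, reported only when above a limit.

# Print "YYYY-MM-DD HH" for the hour before the given epoch (default: now).
# Subtracting 3600 seconds lets date handle the 00 -> 23 rollover to yesterday.
# Assumes GNU date (-d @epoch).
prev_hour_prefix() {
    now=${1:-$(date +%s)}
    date -d "@$(( now - 3600 ))" '+%Y-%m-%d %H'
}

# busy_logins PREFIX LIMIT < logfile
# Print "count dovecot_login:user" for users seen more than LIMIT times on
# lines whose timestamp starts with PREFIX, lowest count first.
busy_logins() {
    awk -v prefix="$1" -v limit="$2" '
        index($0, prefix) == 1 && match($0, /dovecot_login[^ ]+/) {
            seen[substr($0, RSTART, RLENGTH)]++
        }
        END {
            for (user in seen)
                if (seen[user] > limit)
                    print seen[user], user
        }' | sort -n
}

# Constructed sample lines in exim main log layout (made-up users, IDs, IPs).
sample_log() {
    cat <<'EOF'
2024-03-09 22:59:58 1rj0Aa-0000aa-01 <= user2@domain.com H=(pc) [203.0.113.7] P=esmtpa A=dovecot_login:user2@domain.com S=900
2024-03-09 23:01:10 1rj0Ab-0000ab-02 <= user1@domain.com H=(pc) [203.0.113.5] P=esmtpa A=dovecot_login:user1@domain.com S=1200
2024-03-09 23:01:11 1rj0Ab-0000ab-02 => someone@example.org R=lookuphost T=remote_smtp
2024-03-09 23:07:42 1rj0Ac-0000ac-03 <= user1@domain.com H=(pc) [203.0.113.5] P=esmtpa A=dovecot_login:user1@domain.com S=1180
2024-03-09 23:15:03 1rj0Ad-0000ad-04 <= user2@domain.com H=(pc) [203.0.113.7] P=esmtpa A=dovecot_login:user2@domain.com S=870
2024-03-09 23:48:30 1rj0Ae-0000ae-05 <= user1@domain.com H=(pc) [203.0.113.5] P=esmtpa A=dovecot_login:user1@domain.com S=1210
2024-03-10 00:02:19 1rj0Af-0000af-06 <= user1@domain.com H=(pc) [203.0.113.5] P=esmtpa A=dovecot_login:user1@domain.com S=1190
EOF
}

# Demo on the sample: only user1 exceeds 2 logins in the 23:00 hour.
sample_log | busy_logins "2024-03-09 23" 2
```

On a live server the call would be `busy_logins "$(prev_hour_prefix)" 3 < /var/log/exim_mainlog`.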