I work with log files a lot.
Most of the logfiles I work with are in a standard format of some kind, and most often they are rotated on a daily basis. (Examples include syslog, qpsmtpd, and Apache logfiles.)
I wish there were a general purpose way to say "grep time-range pattern logfile".
Right now, for example, I've just deployed some changes on a cluster of hosts. Now I want to see only messages that refer to a particular area of the codebase, and only those that occurred after 23:00 - which is when I did the commit/push/pull dance.
I've written a quick hack - tgrep (time-grep) - which allows simple before/equal/after/range grepping:

    # show matching lines after 23:00PM
    tgrep \>23:00:00 -i subject /var/log/qpsmtpd/qpsmtpd.log

    # show matching lines in the interval 23:00PM 23:15PM
    tgrep 23:00:00-23:15:00 -i -r subject /var/log/qpsmtpd/

If there is a common way of doing this "properly" then I'd love to be educated; failing that, take it if it is useful (moreutils?).
ObFilm: Chasing Amy
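
The before/equal/after/range filtering described above, written out as an added Python example; this is not the tgrep source. The `<` and `=` prefixes, the handling of a range that crosses midnight, the function names and the sample log lines are all assumptions made for illustration.

```python
import re
from datetime import time

# The first HH:MM:SS on a line is taken as its timestamp (syslog/Apache style).
STAMP = re.compile(r"\b([01]\d|2[0-3]):([0-5]\d):([0-5]\d)\b")


def parse_time(text):
    m = STAMP.fullmatch(text)
    if not m:
        raise ValueError(f"bad time: {text!r}")
    return time(*map(int, m.groups()))


def parse_spec(spec):
    """Turn '>T', '<T', '=T' or 'T1-T2' into a predicate over datetime.time."""
    if spec[:1] in ("<", ">", "="):
        t = parse_time(spec[1:])
        return {"<": lambda x: x < t, ">": lambda x: x > t,
                "=": lambda x: x == t}[spec[0]]
    start, sep, end = spec.partition("-")
    if not sep:
        raise ValueError(f"bad time spec: {spec!r}")
    lo, hi = parse_time(start), parse_time(end)
    if lo <= hi:
        return lambda x: lo <= x <= hi
    # Assumed behaviour: 23:50:00-00:10:00 means "across midnight".
    return lambda x: x >= lo or x <= hi


def tgrep(spec, pattern, lines, ignore_case=False):
    """Return lines whose timestamp satisfies spec and that match pattern."""
    in_range = parse_spec(spec)
    rx = re.compile(pattern, re.I if ignore_case else 0)
    out = []
    for line in lines:
        m = STAMP.search(line)  # lines without a timestamp are skipped
        if m and in_range(time(*map(int, m.groups()))) and rx.search(line):
            out.append(line)
    return out


# Constructed sample input, not taken from a real host.
SAMPLE = [
    "Mar  3 22:58:41 mx1 qpsmtpd[2101]: connect from 192.0.2.10",
    "Mar  3 23:00:07 mx1 qpsmtpd[2107]: Subject: deploy check",
    "Mar  3 23:04:30 mx1 qpsmtpd[2107]: queued message",
    "Mar  3 23:14:59 mx1 qpsmtpd[2113]: subject header missing",
    "Mar  3 23:20:00 mx1 qpsmtpd[2120]: Subject: late",
    "-- MARK --",
]
```

Because only the time of day is compared, this works per daily-rotated file; a file spanning several days would need the date parsed as well.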