0

I work with log files on a daily basis. I have been using sed to accomplish my goal of extracting certain lines of data between to time stamps. For example, I use:

sed '/20150720 15:06:00/,/20150720 16:25:00/! d' logfile.log > /tmp/logpart.log

However, This only works when the timestamps actually match a line in the file. How can I force sed to work on the data that I want without having to go into a file to get the actual time stamps? For instance, in the example above, I just want everything between 15:00 and 16:30, regardless of if there is a matching time stamp in the file.

c4f4t0r
  • 5,301
  • 3
  • 31
  • 42
user53029
  • 629
  • 3
  • 14
  • 36

1 Answers1

4

As your log files have the good taste of having timestamps that are lexicographically sorted, you can simple compare strings using awk, eg:

awk 'substr($0,1,17)>="20150720 15:06:00" && substr($0,1,17)<="20150720 16:25:00"' <logfile.log

I've assumed here that your timestamp starts at column 1 (numbering from 1). If not, change the ,1, appropriately.

meuh
  • 1,563
  • 10
  • 11
  • 1
    Actually, I was able to just use wildcards on the time portions to accomplish what I was after, tested it and it worked. Something like this would work - sed '/20150630 02:20:*/,/20150630 13:40:*/! d' logfile.log > /tmp/logpart.log. This extracted all lines between 2:20 and 13:40. – user53029 Aug 03 '15 at 00:28
  • @user53029 Good idea. You dont actually need the `*` (which should be `.*`). Just shorten each pattern until you match a line. – meuh Aug 03 '15 at 05:56
  • suggestion: `$1 " " $2 >= "20150720 15:06:00"` (or any other field reference if not first word) instead of substr – NeronLeVelu Aug 07 '15 at 12:47