I'm trying to pull some information out of a log file, looking back over a specific period of time (e.g. the past hour). I've found the following awk construct that works, capturing the data as a variable:

myvar="$(awk '$0>=from&&$0<=to' from="$(date +%b" "%d" "%H:%M:%S -d -10minute)" to="$(date +%b" "%d" "%H:%M:%S)" /var/log/messages)"

I'd like to be able to get certain information from that variable, and use it to create an alarm, but I'm not sure how to do it. Is it by using grep or something else?

If anyone knows the solution, and can show me how, I'd very much appreciate it.

Here's some more detail: this is only an example. Say I look back over syslog for the past hour, saving all output as a variable with the awk construct above. Now, I want to parse out some data as the basis for sending an alerting email e.g. the keyword (or key phrase) "kdump" from "Apr 16 12:32:26 satest01 kdump: kexec: loaded kdump kernel". How would I extract that information from my variable?

3  
It would be better if you show example data and what you want to receive from it – Costas Apr 17 '15 at 17:25
1  
Example of a log file entry and the desired result please. – roaima Apr 17 '15 at 17:25
1  
Please edit your question and i) add an example of your input and ii) an example of your desired output. We can't help you unless we know what you are parsing and how you want to parse it. – terdon Apr 17 '15 at 17:43
    
Sorry for the lack of detail. This is only an example. Say I look back over syslog for the past hour, saving all output as a variable with the awk construct above. Now, I want to parse out some data as the basis for sending an alerting email e.g. the keyword (or key phrase) "kdump" from "Apr 16 12:32:26 satest01 kdump: kexec: loaded kdump kernel". How would I extract that information from my variable? – Diggy Apr 17 '15 at 18:28
1  
Please add that detail into your question: it is too important to be buried as a comment. – jasonwryan Apr 17 '15 at 21:57

When you do not want to grep the info directly out of the logfile, you can use

echo "${var}" | grep "kdump"

You could also use a pipe:

awk ...your_script | grep "kdump"

When you want to grep for more words, use grep -E:

awk ...your_script | grep -E "kdump|Diggy|other string"
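
An added example (not part of the answer above or of the asker's script) that combines the time-window filter from the question with the grep -E step and only produces an alert body when something matched. The function names sample_log, window_lines and alert_text are hypothetical, and the log lines are constructed apart from the kdump line quoted in the question.

```bash
#!/bin/bash
# Constructed sample log; only the 12:32:26 kdump line is quoted from the question.
sample_log() {
cat <<'EOF'
Apr 16 12:10:02 satest01 sshd[811]: Accepted publickey for admin
Apr 16 12:32:26 satest01 kdump: kexec: loaded kdump kernel
Apr 16 12:40:11 satest01 CROND[902]: (root) CMD (run-parts /etc/cron.hourly)
Apr 16 12:55:40 satest01 kernel: Out of memory: Kill process 1234 (java)
Apr 16 13:20:00 satest01 kdump: kexec: unloaded kdump kernel
EOF
}

# window_lines FROM TO
# Keep stdin lines whose 15-character syslog timestamp lies in [FROM, TO].
# The comparison is lexical, so it is only reliable inside a single month.
window_lines() {
    awk -v from="$1" -v to="$2" \
        '{ ts = substr($0, 1, 15) } ts >= from && ts <= to'
}

# alert_text FROM TO PATTERN
# Prints an alert body and returns 0 if any line in the window matches the
# extended regex PATTERN; prints nothing and returns 1 otherwise.
alert_text() {
    local myvar hits count
    myvar="$(sample_log | window_lines "$1" "$2")"   # plays the role of $myvar in the question
    # grep exits 1 when nothing matches; "|| true" keeps that from aborting under set -e
    hits="$(printf '%s\n' "$myvar" | grep -E -- "$3" || true)"
    [ -n "$hits" ] || return 1
    count="$(printf '%s\n' "$hits" | wc -l | tr -d ' ')"
    printf 'ALERT: %s matching line(s) between %s and %s\n%s\n' "$count" "$1" "$2" "$hits"
}

# Fixed window so the run is reproducible; on a live system FROM/TO would come from date(1).
# To mail the result (assumes a mail(1) client; the address is a placeholder):
#   body="$(alert_text "$from" "$to" 'kdump')" && printf '%s\n' "$body" | mail -s 'syslog alert' admin@example.com
alert_text "Apr 16 12:00:00" "Apr 16 13:00:00" 'kdump|Out of memory' || echo "no matches"
```

Quoting the variable (`"$myvar"`) matters: unquoted, the shell collapses the newlines and grep sees the whole window as one line.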