Hi all,
Can someone please tell me, or point me in the right direction ( I have googled, with little luck) on how to get data from /var/logs/messages (and other log files) for a specified fe days (i.e 19 - 30 June 2011) ?
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Rudi Ahlers Sent: Thursday, July 07, 2011 7:04 AM To: CentOS mailing list Subject: [CentOS] how to get data from syslog for a specific date range?
Hi all,
Can someone please tell me, or point me in the right direction ( I have googled, with little luck) on how to get data from /var/logs/messages (and other log files) for a specified fe days (i.e 19 - 30 June 2011) ?
Give this a try:
grep -E '^Jun (19|2[0-9]|30) ' /var/log/messages
And to explain the argument following "-E" see:
man grep
-- Owen Beckley
On Thu, Jul 7, 2011 at 3:28 PM, Owen Beckley OwenB@foxriver.com wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Rudi Ahlers Sent: Thursday, July 07, 2011 7:04 AM To: CentOS mailing list Subject: [CentOS] how to get data from syslog for a specific date range?
Hi all,
Can someone please tell me, or point me in the right direction ( I have googled, with little luck) on how to get data from /var/logs/messages (and other log files) for a specified fe days (i.e 19 - 30 June 2011) ?
Give this a try:
grep -E '^Jun (19|2[0-9]|30) ' /var/log/messages
And to explain the argument following "-E" see:
man grep
-- Owen Beckley
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Thanx Owen, that's probably what I needed, but it seems there's something wrong with the logs on this server since it only has this month's data in /var/log/messages and /var/log/message.1 - 4 doesn't have much either. I'll have to investigate this first to see what's up.
On 7.7.2011 15:45, Rudi Ahlers wrote:
something wrong with the logs on this server since it only has this month's data in /var/log/messages and /var/log/message.1 - 4 doesn't have much either. I'll have to investigate this first to see what's up.
Nothings wrong, plain syslog dont log year. For this you have to use alternative syslog daemons like syslog-ng or rsyslog (not sure about the latter one). But you can always rotate with a filename scheme that has the year in it.
-- Kind Regards, Markus Falb
Rudi Ahlers wrote:
Hi all,
Can someone please tell me, or point me in the right direction ( I have googled, with little luck) on how to get data from /var/logs/messages (and other log files) for a specified fe days (i.e 19 - 30 June 2011) ?
grep "Jul 5" /var/log/messages > 20110705.log
or awk '$0 ~ /^Jul [345]/' /var/log/messages > 201107_3-5.log
mark
-
m.roth@5-cent.us -
Markus Falb -
Owen Beckley -
Rudi Ahlers