UNIX / LINUX command

sbinh

2[H]4U
Joined
Jul 12, 2008
Messages
2,798
I need a command that help to display the last 24hr occurrence in a log file..and grep for only error.... The command will then display the error and the time when error occur.

Ex:
Sat 12/10/2011 12:33:45
ORA-12154: TNS:could not resolve the connect identifier specified

Any help would be greatly appreciated.
 

berky

2[H]4U
Joined
Aug 28, 2001
Messages
2,233
what does the whole file look like?

look at the -A and -B flags for grep. if you provide more info I can probably help more.
 

sbinh

2[H]4U
Joined
Jul 12, 2008
Messages
2,798
In UNIX, option -A doesn't work. While -b would not display what I really want.

Let's say it is an Oracle alert log file. For the system check, I only want to see if any error ( ORA- ) occurs within last 24 hrs. If any, it will display the time error occurrs and error code ( ORA-#####)


Ex: I use this command to find any Oracle error within last 1000 lines of Oracle alert.log:

Code:
tail -1000 alert.log | grep -i ORA-

but it won't tell me when (if any) the error occurred.

I tried this:

Code:
 tail -1000 alert.log | grep -b 3 --before-context -i ORA-

but the result is NOT what I wanted.
 

mwarps

Supreme [H]ardness
Joined
Oct 6, 2002
Messages
7,065
The log file has to contain the date information in a static location relative to the error message. Does it?
 

Chipotle

Limp Gawd
Joined
Jan 8, 2006
Messages
254
Yeah, date and error on two lines makes this much harder than it needs to be. Also if possible changing the date time format would make this much easier as well.

Ex:
Jan 12 23:28:22 ORA-12154: TNS:could not resolve the connect identifier specified
$ grep ^*23:*ORA-

Or better yet
120112:23:28:22 ORA-12154: TNS:could not resolve the connect identifier specified
$ grep ^:23*ORA-

You would save yourself much headache. My regex's may not be on, but the logging examples are what i'm used to in the environments I support.
 

ameoba

Supreme [H]ardness
Joined
Jan 9, 2001
Messages
6,413
Grep's great for textual searches - where you can define patterns without any sense of meaning. If you want to actually parse timestamps, you might want to move into a more complex tool such as AWK (I can't remember off the top of my head if it can parse dates or not), or a full-featured scripting language like Perl (where this could easily be a 1-line script), Python, Ruby, etc.
 

eloj

2[H]4U
Joined
Dec 31, 2000
Messages
3,612
Code:
grep -A 1 `date +"%m/%d/%Y" --date="Yesterday"` <file> | grep -B 1 "ORA-"

Works if you only grep just after midnight. :)
 
Top