在特定时间获得 /var/log/mesages
Get /var/log/mesages for a particular time
我想查看特定时间的日志,即从 10:00 到 13:00。
- OS: 红帽 6
- 日志:/var/log/messages
- 时间戳:11 月 10 日 10:00 到 13:00
我试过下面的命令,但没有成功:
sed -n '/Nov 10 10:00:01/ , /Nov 10 13:30:09/p' /var/log/messages
您可以使用 awk 轻松完成:
[root@test httpd]# cat /var/log/messages |awk '[=10=]>="Nov 11 00:26:00" && [=10=]<="Nov 11 00:28:00"'
Nov 11 00:26:15 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 58.129.247.39#53
Nov 11 00:26:16 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 211.153.19.1#53
Nov 11 00:26:16 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 58.129.247.39#53
Nov 11 00:26:16 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 211.153.19.1#53
Nov 11 00:26:36 test script.sh: sending incremental file list
Nov 11 00:26:36 test script.sh: trace-2019-11-11-00-25-16-1573424716.pcap
Nov 11 00:26:38 test script.sh: sent 6,979,522 bytes received 43 bytes 1,994,161.43 bytes/sec
Nov 11 00:26:38 test script.sh: total size is 6,977,686 speedup is 1.00
Nov 11 00:27:39 test script.sh: sending incremental file list
Nov 11 00:27:39 test script.sh: trace-2019-11-11-00-26-16-1573424776.pcap
Nov 11 00:27:41 test script.sh: sent 6,817,012 bytes received 43 bytes 2,726,822.00 bytes/sec
Nov 11 00:27:41 test script.sh: total size is 6,815,216 speedup is 1.00
[root@test httpd]#
我想查看特定时间的日志,即从 10:00 到 13:00。
- OS: 红帽 6
- 日志:/var/log/messages
- 时间戳:11 月 10 日 10:00 到 13:00
我试过下面的命令,但没有成功:
sed -n '/Nov 10 10:00:01/ , /Nov 10 13:30:09/p' /var/log/messages
您可以使用 awk 轻松完成:
[root@test httpd]# cat /var/log/messages |awk '[=10=]>="Nov 11 00:26:00" && [=10=]<="Nov 11 00:28:00"'
Nov 11 00:26:15 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 58.129.247.39#53
Nov 11 00:26:16 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 211.153.19.1#53
Nov 11 00:26:16 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 58.129.247.39#53
Nov 11 00:26:16 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 211.153.19.1#53
Nov 11 00:26:36 test script.sh: sending incremental file list
Nov 11 00:26:36 test script.sh: trace-2019-11-11-00-25-16-1573424716.pcap
Nov 11 00:26:38 test script.sh: sent 6,979,522 bytes received 43 bytes 1,994,161.43 bytes/sec
Nov 11 00:26:38 test script.sh: total size is 6,977,686 speedup is 1.00
Nov 11 00:27:39 test script.sh: sending incremental file list
Nov 11 00:27:39 test script.sh: trace-2019-11-11-00-26-16-1573424776.pcap
Nov 11 00:27:41 test script.sh: sent 6,817,012 bytes received 43 bytes 2,726,822.00 bytes/sec
Nov 11 00:27:41 test script.sh: total size is 6,815,216 speedup is 1.00
[root@test httpd]#