0

I work with log files on a daily basis. I have been using sed to accomplish my goal of extracting certain lines of data between to time stamps. For example, I use:

sed '/20150720 15:06:00/,/20150720 16:25:00/! d' logfile.log > /tmp/logpart.log

However, This only works when the timestamps actually match a line in the file. How can I force sed to work on the data that I want without having to go into a file to get the actual time stamps? For instance, in the example above, I just want everything between 15:00 and 16:30, regardless of if there is a matching time stamp in the file.

c4f4t0r
  • 5,411
user53029
  • 649

1 Answers1

4

As your log files have the good taste of having timestamps that are lexicographically sorted, you can simple compare strings using awk, eg:

awk 'substr($0,1,17)>="20150720 15:06:00" && substr($0,1,17)<="20150720 16:25:00"' <logfile.log

I've assumed here that your timestamp starts at column 1 (numbering from 1). If not, change the ,1, appropriately.

meuh
  • 1,583
  • 1
    Actually, I was able to just use wildcards on the time portions to accomplish what I was after, tested it and it worked. Something like this would work - sed '/20150630 02:20:/,/20150630 13:40:/! d' logfile.log > /tmp/logpart.log. This extracted all lines between 2:20 and 13:40. – user53029 Aug 03 '15 at 00:28
  • @user53029 Good idea. You dont actually need the * (which should be .*). Just shorten each pattern until you match a line. – meuh Aug 03 '15 at 05:56
  • suggestion: $1 " " $2 >= "20150720 15:06:00" (or any other field reference if not first word) instead of substr – NeronLeVelu Aug 07 '15 at 12:47