#!/bin/bash
#
# entry example
#
# (1579051) 10/16/2009 0:02:13 AM - (not logged in) (192.168.1.11)> USER chris
#
# sort -k1n fzs-2009-10-16.log
# does not work properly: when the session id and timestamp are the same,
# sort goes on to compare the message text.
# If the timestamp granularity were high enough it would work (and be so much faster!)
#
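# Group the lines of a log file by session id (the "(NNN)" prefix of each
# entry) and write the result to LOGFILE.sorted next to the input.
#
# Usage:       <script> LOGFILE
# Exit status: 0 finished, 1 wrong argument count, 2 LOGFILE missing,
#              3 a processing step failed.
set -o pipefail

if [ "$#" -ne 1 ]; then
  echo "number of args required is 1" >&2
  exit 1
fi
if [ ! -e "$1" ]; then
  echo "file $1 does not exist" >&2
  exit 2
fi

# Lower-case names on purpose: LOGNAME is the standard login-name environment
# variable, and overwriting it changes what every child process inherits.
logfile=$1
log_dir=$(dirname -- "$logfile") || exit 3
log_base=$(basename -- "$logfile") || exit 3
sorted_log="${log_dir}/${log_base}.sorted"

# Scratch list of session ids. mktemp creates the file atomically, with an
# unpredictable name and owner-only permissions; a fixed "name.$$" inside the
# log directory can be pre-created or symlinked by anyone able to write there.
sid_list=$(mktemp "${TMPDIR:-/tmp}/fzlog_sid_sorted.XXXXXX") || exit 3
trap 'rm -f -- "$sid_list"' EXIT

rm -f -- "$sorted_log"

# Session id = text between the first "(" and ")" of the first field.
# The log is fed through stdin so that a file name containing "=" or starting
# with "-" is never parsed by awk as an assignment or an option.
awk '{ split( $1, L, "\\(|\\)" ); print L[ 2 ]; }' < "$logfile" \
  | sort | uniq > "$sid_list" || exit 3

while IFS= read -r sid; do
  # Literal prefix comparison. The id is taken from log content, so it must
  # not be interpreted as a regular expression; it is handed over through the
  # environment because awk -v would expand backslash escapes in the value.
  SID_PREFIX="(${sid})" awk 'index($0, ENVIRON["SID_PREFIX"]) == 1' \
    < "$logfile" >> "$sorted_log" || exit 3
done < "$sid_list"

exit 0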
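#!/bin/bash
#
# Group the lines of a log file by session id (the "(NNN)" prefix of each
# entry) and write the result to LOGFILE.sorted next to the input.
#
# entry example
#
# (1579051) 10/16/2009 0:02:13 AM - (not logged in) (192.168.1.11)> USER chris
#
# sort -k1n fzs-2009-10-16.log
# does not work properly: when the session id and timestamp are the same,
# sort goes on to compare the message text.
# If the timestamp granularity were high enough it would work (and be so much faster!)
#
# Usage:       <script> LOGFILE
# Exit status: 0 finished, 1 wrong argument count, 2 LOGFILE missing,
#              3 a processing step failed.
set -o pipefail

if [ "$#" -ne 1 ]; then
  echo "number of args required is 1" >&2
  exit 1
fi
if [ ! -e "$1" ]; then
  echo "file $1 does not exist" >&2
  exit 2
fi

# Lower-case names on purpose: LOGNAME is the standard login-name environment
# variable, and overwriting it changes what every child process inherits.
logfile=$1
log_dir=$(dirname -- "$logfile") || exit 3
log_base=$(basename -- "$logfile") || exit 3
sorted_log="${log_dir}/${log_base}.sorted"

# Scratch list of session ids. mktemp creates the file atomically, with an
# unpredictable name and owner-only permissions; a fixed "name.$$" inside the
# log directory can be pre-created or symlinked by anyone able to write there.
sid_list=$(mktemp "${TMPDIR:-/tmp}/fzlog_sid_sorted.XXXXXX") || exit 3
trap 'rm -f -- "$sid_list"' EXIT

rm -f -- "$sorted_log"

# Session id = text between the first "(" and ")" of the first field.
# The log is fed through stdin so that a file name containing "=" or starting
# with "-" is never parsed by awk as an assignment or an option.
awk '{ split( $1, L, "\\(|\\)" ); print L[ 2 ]; }' < "$logfile" \
  | sort | uniq > "$sid_list" || exit 3

while IFS= read -r sid; do
  # Literal prefix comparison. The id is taken from log content, so it must
  # not be interpreted as a regular expression; it is handed over through the
  # environment because awk -v would expand backslash escapes in the value.
  SID_PREFIX="(${sid})" awk 'index($0, ENVIRON["SID_PREFIX"]) == 1' \
    < "$logfile" >> "$sorted_log" || exit 3
done < "$sid_list"

exit 0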