0

trying to do a precise query of log files (i.e. all the bounces in the last 30 days).

I seam to be missing 2 factors, I don't think stdin will pull zcat info and I think there is also an error passing the variable to awk.

home # lastDate=$(date -d "last month" 2>&1 {$1, $2, $3}) | cat /var/log/messages | zcat /var/log/messages-* | awk '$0>=from&&$0<=to' from='{ print date +"%m-%d"}' to=$lastDate '{print to}' | grep -i reject
awk: fatal: cannot open file `{print to}' for reading (No such file or directory)

where broke:

lastDate=$(date -d "last month" 2>&1 {$1, $2, $3})|awk '{print lastDate}'



no error, no output

date -d "last month" Fri Jul 26 07:13:40 UTC 2013

4

1 回答 1

0

不要使用反抽动,使用括号:

awk 'tolower($0)~/reject/ && $0~Date' Date=$(date -d'now-30 days' +[%d/%b:%H:%M:%S) /var/log/messages && zcat /var/log/messages-*

在您的帖子中,您不使用日期,因此无论日期是什么,您都会获得所有记录

PS更新你的帖子#1,而不是发布新的。

编辑:如果您喜欢日期范围,而不是在 30 天前使用,试试这个:

awk 'tolower($0)~/reject/ && $0>=from && $0<=to' from=$(date -d'now-30 days' +[%d/%b:%H:%M:%S) to==$(date +[%d/%b:%H:%M:%S) /var/log/messages && zcat /var/log/messages-*
于 2013-08-26T08:17:29.357 回答