convert date and time to epoch in awk
dteske at freebsd.org
dteske at freebsd.org
Wed Feb 20 00:11:20 UTC 2013
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org [mailto:owner-freebsd-
> questions at freebsd.org] On Behalf Of b w
> Sent: Tuesday, February 19, 2013 2:34 PM
> To: freebsd-questions at freebsd.org
> Subject: convert date and time to epoch in awk
>
> I want to write a script that parses the last, say, 10 minutes of a log
> file looking for a certain string, like 'error', or failed', and returns
> how many times it shows up. The script would be run by Nagios and if it
> returns > 0 an alert is raised. Each line of the log file starts with a
> date like 'Feb 19 23:45:32'.
>
> One way to do it I guess would be to read each line in a while loop,
> extract the date, convert it into epoch using the date command, if it's
> within 10 minutes remember the line somewhere, then grep the result. I was
> thinking this might be too slow, or there may be too many lines at some
> point, but it might actually be acceptable if I tail the last few thousands
> lines. Anyway...
>
> Another way would be to use gawk, which has date/time functions like
> systime() and mktime(). This works fine, but someone like myself at some
> point will forget to install gawk on a new server and might not realize it
> untill something happens.
>
> So, is there a way to compare two dates in FreeBSD's awk or convert a date
> to epoch? Or some other fast way to select the last 10 minutes from a log
> file? An example would be appreciated, if possible.
Converting a date to an epoch is easy with date(1) (note: awk can make a system
call and read back the stdout into a variable).
For example, if I want to convert the date:
Fri 01 Feb 2013
into an epoch using:
date -j -f "%a %d %b %Y" "Fri 01 Feb 2013" +%s
The output of which is the following epoch:
1359763497
Doing this all from awk:
echo "Fri 01 Feb 2013" | awk '
{
mydate = $0
"date -j -f \"%a %d %b %Y\" \"" mydate "\" +%s" | getline myepoch
print mydate " = " myepoch
}'
Hope this helps.
--
Devin
P.S. Be careful that log files often (a) rotate and (b) contain "last message
repeated N times" which can throw off your counts. Things I have solved before
and am willing to share if you're interested.
_____________
The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.
More information about the freebsd-questions
mailing list