ankush grover wrote:
> Combine 2-3 greps:
>> for (( i = 5; i>=0; i-- )) ; do grep `date "+%a"` | grep `date "+%b"` |
>> grep `date "+%d"` | grep `date "+%Y"` | $(date "+%R" -d "-$i
>> min") /var/ossec/logs/active-responses.log>> /tmp/newlog.log;done
>>
>> Change order of greps to gain speed at first cutting part of lines with
>> most hits.
>>
>> Ljubomir
>> _
>
> It is really slow when 2-3 greps are combined.
>
But it will do the job until you solve this with more elegance.
What you can try is to compile search pattern from 2-3 date outputs so
it will match the text in the log.
dayname="$(date "+%a")"; month="$(date "+%b")"; time="$(date "+%d")";
year="$(date "+%Y")";
search1="$dayname $month $time $year" # add spaces where needed and
order parts properly to match log
for (( i = 5; i>=0; i-- )) ; do grep $(date "+%R" -d "-$i
min") /var/ossec/logs/active-responses.log | grep $search1 >>
/tmp/newlog.log;done
Also consider dropping parts like day as a name when you have day as a
number to speed up.
Ljubomir
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
