[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 513
  • Last Modified:

UNIX AIX: how to find chunks of code in logs?

I am able to get to the log file - 20,000 lines of code per log file
then I do:
 
$ grep keyword [name of log file]

then, I get all keywords found in the logs without the information corresponding to the keywords searched

In other words, how do I find chunks of code in UNIX?

$pg from to end

thx

 
0
epifanio67
Asked:
epifanio67
  • 6
  • 5
1 Solution
 
woolmilkporcCommented:
Hi,
if your chunks were surrounded by blank lines or the like you could use
grep -p [keyword]
with -p meaning 'paragraph' (this is unique to AIX's grep).
you can use grep -p[separator] to have a separator of your choice (instead of blank lines)
If this is not enough, you can use gnu grep, which has options for 'preceeding' and 'following'
Find gnu grep here -
http://www-03.ibm.com/systems/power/software/aix/linux/toolbox/download.html
Its manpage is here -
http://unixhelp.ed.ac.uk/CGI/man-cgi?grep
 
Look at the -A, -B, and -C options.
 
wmp
0
 
epifanio67Author Commented:
thx woolmilkporc

I just tried it... I did:

grep -p SIPS:LOGBLOCK:BEGIN:SIPDATA:[

and I got back:

$ inbalance

do you know why? may be because there is colons on the keyword?
0
 
woolmilkporcCommented:
I guess SIPS:LOGBLOCK:BEGIN:SIPDATA:[  is your separator?
Put it in single quotes ( ' ' ) to protect special characters like ']' from the shell, and omit the pace following the '-p'
grep -p'SIPS:LOGBLOCK:BEGIN:SIPDATA:[ '  searchstring   file
 

 
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
epifanio67Author Commented:
no,

SIPS:LOGBLOCK:BEGIN:SIPDATA:[  is the keyword

I just tried:

$ grep -p '---- separator---' 'SIPS:LOGBLOCK:BEGIN:SIPDATA:[' filename

I got back:

$grep: Not a recognized flag: -
0
 
woolmilkporcCommented:
Yes, that's because grep assumes the '-' in your separator to be the begin of a new flag.
Omit the space following '-p' !
 
grep -p'---- separator---' 'SIPS:LOGBLOCK:BEGIN:SIPDATA:[' filename

 
0
 
epifanio67Author Commented:
got

$inbalance

I even tried:

$grep -e 'SIPS:LOGBLOCK:BEGIN:SIPDATA:[' filename

the usage man says that -e is for patterns...

0
 
woolmilkporcCommented:
As a circumvention, omit the [
This will make no difference for your search (well, most probably)
0
 
epifanio67Author Commented:
no, I get the same error...

I don't know how people read this huge log files in UNIX

is there any other way?

thx
0
 
woolmilkporcCommented:
As for the 'imbalance':
yes, -e is for patterns, and as the opening bracket is an integral part of an regexp, grep tries to interpret it.
Using the '-e' or not makes only a difference with patterns beginning with a '-' : the '-e' will protect them from being interpreted as an option.
The only circumvention (besides not using [ ] in search strings) is, afaik, escaping the [ with a backslash '\',
so

grep 'SIPS:LOGBLOCK:BEGIN:SIPDATA:\[' filename

should work.

0
 
epifanio67Author Commented:
it doesn't do anything for some reason... it outputs a blank $

I think I am just gonna move the files to a local dir and open with Notepad... too big of a file..

Thx wolmilkporc you deserve the points for the support and quick response... thx man
0
 
woolmilkporcCommented:
Why give up?
If the searchstring is contained in your file at all, grep must find it!
Whom should we trust if not grep (and all its close and not so close relatives, of course)?

Try to shorten the search string, e.g. search for only LOGBLOCK or the like.
Remember, if not called with the -i flag, grep is case-sensitive.

And if the chunk processing doesn't work with AIX grep, there is still Gnu grep (see above).

As for large logfiles:

I think you should rotate them on a regular basis using logrotate.

Find logrotate here:

http://bio.gsi.de/DOCS/AIX/aixpdslib.seas.ucla.edu/packages/logrotate.html

(the 5.1 version will work)

and here is its manpage:

http://linux.die.net/man/8/logrotate

Should you have questions/problems, come to EE and ask.
If you put a question in the AIX zone, be sure that I'll be there!

Thanks for the points,

Good luck!

Norbert (wmp)

0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now