Date: Fri, 22 Feb 2002 14:51:15 -0000 From: "Barry Byrne" <barry.byrne@wbtsystems.com> To: "Scott Aitken" <null0@pobox.com>, <freebsd-questions@FreeBSD.ORG> Subject: RE: Sorting Apache logs by Date and Time Message-ID: <NCBBIAMNAKDKFJIIGNPKGENDHFAA.barry.byrne@wbtsystems.com> In-Reply-To: <20020222050939.A43475@gandalf.scott.sh>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format...
------------=_1014389478-130-6
Content-Type: multipart/mixed; boundary="----------=_1014389479-130-8"
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.411 (Entity 5.404)
This is a multi-part message in MIME format...
------------=_1014389479-130-8
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Scott:
Another solution:
script below called sort.pl does the job in three stages:
1. Tag the beginning of each line with a sortable tag
2. Sort the file
3. Remove the tag
cat access_log | sort.pl > access_log.sorted
Cheers,
Barry
---------------------------- start sort.pl ------------------------
#!/usr/bin/perl
# sort.pl
$TEMP="/tmp/.temp$$";
open(TEMP, "> $TEMP") || die "Can't open $TEMP for writing";
%months=( 'Jan' => '01', 'Feb' => '02', 'Mar' => '03',
'Apr' => '04', 'May' => '05', 'Jun' => '06',
'Jul' => '07', 'Aug' => '08', 'Sep' => '09',
'Oct' => '10', 'Nov' => '11', 'Dec' => '12' );
while (<>) {
if (/\d+\.\d+\.\d+\.\d+\s-\s-\s\[(\d+)\/(\S+)\/(\d+):(.+)\]\s\".*$/) {
$year=$3;
$month=$months{$2};
$date=$1;
$time=$4;
print(TEMP "TIMETAG-$year$month$date$time-TIMETAG:$_\n");
}
}
close(TEMP);
system("sort -o $TEMP $TEMP");
open(TEMP, "< $TEMP") || die "Can't open $TEMP for reading";
while (<TEMP>) {
if (/TIMETAG-.*?TIMETAG:(.*)$/) {
print("$1\n");
}
}
unlink($TEMP);
---------------------------- end sort.pl ------------------------
--
Barry Byrne, IT Manager,
WBT Systems, Block 2, Harcourt Centre
Harcourt Street, Dublin 2, Ireland
> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Scott Aitken
> Sent: 21 February 2002 18:10
> To: freebsd-questions@FreeBSD.ORG
> Subject: Sorting Apache logs by Date and Time
>
>
> Hi All,
> is there a quick way to sort apache logs by the date and time
> field if the format is the following:
>
> 146.101.149.65 - - [22/Feb/2002:04:18:54 +1100] "GET
> /images/test.png HTTP/1.0" 200 381
> "http://www-redirect.scott.sh:8080/cgi-bin/fred.pl" "Mozilla/4.0
> (compatible; MSIE 5.5; Windows 98)"
>
> This is a sample line.
>
> I have found difficulty in using the sort utility because of the
> textual month names, as well as the fact that the separators are
> both slashes and colons.
>
> Regards and TIA,
> Scott Aitken
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>
------------=_1014389479-130-8--
------------=_1014389478-130-6--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NCBBIAMNAKDKFJIIGNPKGENDHFAA.barry.byrne>