On 06/13/11 12:36 AM, ankush grover wrote:> Hi Friends!
>
> I need to prepare a script which will grep logs from the current time
> to previous 5 mins that is if the current time is Mon Jun 13 12:40:40
> IST 2011 then all the logs between the interval Mon Jun 12:35 - 12:40
> 2011 should be grepped by the script and append it to another file.
> However, the below script is not able to grep the desired logs, so I
> need some help in preparing the script. I am running Centos 5.2
> 32-bit.
>
>
>
> for (( i = 5; i>=0; i-- )) ; do grep $(date "+%a %b %d %R %Y"
-d "-$i
> min") /var/ossec/logs/active-responses.log>>
/tmp/newlog.log;done
>
>
> /var/ossec/logs/active-responses.log format is below
> Fri Jun 3 15:38:14 IST 2011
> /var/ossec/active-response/bin/host-deny.sh add - 172.31.5.12
> 1307095694.71353 31151
> Fri Jun 3 15:38:14 IST 2011
> /var/ossec/active-response/bin/firewall-drop.sh add - 172.31.5.12
> 1307095694.71353 31151
Well,
$ i=5 date "+%a %b %d %R %Y" -d "-$i min"
Mon Jun 13 00:46 2011
so that probably won't work for matching the text in your logfiles...
--
john r pierce N 37, W 122
santa cruz ca mid-left coast