Получить / var / log / mesages за определенное время

Question

Я хочу просмотреть журналы за определенное время, т. Е. С 10:00 до 13:00.

• ОС: redhat 6
• Log: / var / log/ messages
• Отметка времени: 10 ноября, с 10:00 до 13: 00

Я пробовал команду ниже, но не повезло:

sed -n '/Nov  10 10:00:01/ , /Nov  10 13:30:09/p' /var/log/messages

Answer 1

Вы можете сделать это легко с помощью awk:

[root@test httpd]# cat /var/log/messages |awk '$0>="Nov 11 00:26:00" && $0<="Nov 11 00:28:00"'
Nov 11 00:26:15 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 58.129.247.39#53
Nov 11 00:26:16 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 211.153.19.1#53
Nov 11 00:26:16 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 58.129.247.39#53
Nov 11 00:26:16 test named[3224]: REFUSED unexpected RCODE resolving '30.145.232.49.in-addr.arpa/PTR/IN': 211.153.19.1#53
Nov 11 00:26:36 test script.sh: sending incremental file list
Nov 11 00:26:36 test script.sh: trace-2019-11-11-00-25-16-1573424716.pcap
Nov 11 00:26:38 test script.sh: sent 6,979,522 bytes  received 43 bytes  1,994,161.43 bytes/sec
Nov 11 00:26:38 test script.sh: total size is 6,977,686  speedup is 1.00
Nov 11 00:27:39 test script.sh: sending incremental file list
Nov 11 00:27:39 test script.sh: trace-2019-11-11-00-26-16-1573424776.pcap
Nov 11 00:27:41 test script.sh: sent 6,817,012 bytes  received 43 bytes  2,726,822.00 bytes/sec
Nov 11 00:27:41 test script.sh: total size is 6,815,216  speedup is 1.00
[root@test httpd]#