Hi, I am trying to extract logs from /var/log/squid/access.log by date, but I don't know how to do it. The date format given in access.log is a different format, like:

    1282714773.395 20 192.168.10.44 TCP_IMS_HIT/304 314 GET http://www.google.com - NONE/- -
    1282714774.029 13 192.168.10.44 TCP_IMS_HIT/304 314 GET http://www.google.com - NONE/- -

I tried the following command to extract the latest logs:

    egrep /var/log/squid/access.log | awk '{print$3 " " $8 " " $7}' | tail

But I want to extract logs according to date without any external software (sarg). Does anyone have a solution for this? Please help me.
Hi

What version of Squid are you using? I use Squid3 and dates in access.log are like this:

    85.25.176.167 - - [26/Aug/2010:07:13:52 +0100]

Looks like the format in your log is in epoch format. You could write a script that gets the values in epoch for today (or any day) and then grep that range from the access.log.

Kind regards,
Eric

Hi, thanks Eric, I am using squid-2.6. It is critical work to pass a portion of the date to convert into normal date format using epoch, then extract logs for the particular date. Is there any other simple way?

Thanks,
Kiran.
(26 Aug '10, 09:38)
Kiran
Hi Kiran, The simplest way I can think of is to upgrade to Squid 3.1, which is the latest stable release. 2.6 is an old version already. Consult the changes between both versions since there are some important differences. Kind regards, Eric
(27 Aug '10, 10:34)
EricTRA
date +%s will give you the epoch and you can * from the right to find periods of time for your search.
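
The approach suggested in the answers above (turn a calendar day into an epoch range with date +%s, then select the log lines inside that range), written out as an added example that is not part of the original posts. It assumes GNU date and Squid's native log format; the function names and all sample lines other than the two quoted in the question are constructed here.

```shell
#!/bin/sh
# Added example: print the Squid native-format access.log entries for one day.
# Assumes GNU date (-d) and that field 1 is "seconds.millis" since the epoch.

# squid_day_range YYYY-MM-DD -> "START END" in epoch seconds (END exclusive),
# computed in the current TZ.
squid_day_range() {
    case $1 in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "expected YYYY-MM-DD, got '$1'" >&2; return 2 ;;
    esac
    start=$(date -d "$1 00:00:00" +%s) || return 2
    # Ask date for the next midnight rather than adding 86400 (DST-safe).
    end=$(date -d "$1 +1 day" +%s) || return 2
    echo "$start $end"
}

# squid_by_date LOGFILE YYYY-MM-DD -> matching log lines, unchanged.
squid_by_date() {
    log=$1
    range=$(squid_day_range "$2") || return 2
    awk -v start="${range% *}" -v end="${range#* }" '
        # Skip lines whose first field is not an epoch timestamp, then
        # compare numerically so the fractional part is handled.
        $1 ~ /^[0-9]+(\.[0-9]+)?$/ && $1 + 0 >= start + 0 && $1 + 0 < end + 0
    ' "$log"
}

# Constructed sample: the two entries quoted in the question plus made-up
# entries just outside 2010-08-25 (UTC) and one malformed line.
sample_log() {
    cat <<'EOF'
1282694399.999 11 192.168.10.44 TCP_MISS/200 512 GET http://example.com/ - DIRECT/192.0.2.10 text/html
1282714773.395 20 192.168.10.44 TCP_IMS_HIT/304 314 GET http://www.google.com - NONE/- -
1282714774.029 13 192.168.10.44 TCP_IMS_HIT/304 314 GET http://www.google.com - NONE/- -
garbled line without a timestamp
1282780800.000 9 192.168.10.44 TCP_MISS/200 733 GET http://example.com/ - DIRECT/192.0.2.10 text/html
EOF
}

# Demo: interpret the day in UTC and print the two 2010-08-25 entries.
TZ=UTC; export TZ
tmp=$(mktemp) && sample_log > "$tmp"
squid_by_date "$tmp" 2010-08-25
rm -f "$tmp"
```

The day boundaries follow whatever TZ is in effect, so set TZ to the proxy's timezone when the question is "what happened on this local day".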