HELP - I need to write a script to read a log file

[morgaann]

I've just started using awk and I really could use some help. I have a log file that is constantly getting appended to every night and the output looks something like this;

/29/03 01:54:01 nsrd: /dev/rmt/4ubn Eject operation in progress
05/29/03 01:54:10 nsrd: /dev/rmt/1ubn Mount operation in progress
05/29/03 01:54:22 nsrd: media event cleared: confirmed mount of NTBelz.033 on /dev/rmt/1ubn
05/29/03 01:54:28 nsrd: media notice: dlt7000 tape bak2.NTmfs3.065 on /dev/rmt/7ubn is full
05/29/03 01:54:29 nsrd: media notice: dlt7000 tape bak2.NTmfs3.065 used 50 GB of 35 GB capacity
05/29/03 01:54:45 nsrd: media info: loading volume bak2.NT.C.502 into /dev/rmt/4ubn
5/06/03 06:23:03 nsrd: media event cleared: confirmed mount of bak2.NTmfs4.010 on /dev/rmt/1ubn
05/06/03 06:30:08 nsrd: media notice: dlt7000 tape bak2.NTmfs3.C.062 on /dev/rmt/2ubn is full
05/06/03 06:30:08 nsrd: media notice: dlt7000 tape bak2.NTmfs3.C.062 used 49 GB of 35 GB capacity
05/06/03 06:30:24 nsrd: media info: verification of volume "bak2.NTmfs3.C.062", volid 2931725057 succeeded.
05/06/03 06:30:40 nsrd: write completion notice: Writing to volume bak2.NTmfs3.C.062 complete
05/06/03 23:58:12 nsrd: media notice: dlt7000 tape MSEXCH.376 on /dev/rmt/0ubn is full
05/06/03 23:58:12 nsrd: media notice: dlt7000 tape MSEXCH.376 used 41 GB of 35 GB capacity
05/06/03 23:59:13 nsrd: media info: verification of volume "MSEXCH.376", volid 2818370561 succeeded.
05/06/03 23:59:27 nsrd: write completion notice: Writing to volume MSEXCH.376 complete


I need the script to read this log file and find any line that contains "is full" and has today's date. Once I have those lines I need to get $8 (eg: bak2.NTmfs3.C.062, MSEXCH.376, bak2.NTmfs3.065) field and only save the field name that contains "NTmfs3" with no "C". So from this example I want the field "bak2.NTmfs2.065" to be saved into a filename for later use and I need this file appended with any other field it finds that meets the criteria.


Any help would be greatly appreciated.

 

[Salem]

Try this

The AWK program

#!/bin/awk
$1 == date && /is full/ {
    tape = $8
    if ( tape ~ "NTmfs3" ) {
        sub("C.","",tape)
        print tape
    }
}
#####

The command line to run it

awk -v date=`date +'%m/%d/%y'` -f prog.awk log.txt

log.txt is the log file you want to process

> 5/06/03 06:23:03 nsrd: media event cleared: confirmed mount of bak2.NTmfs4.010 on /dev/rmt/1ubn
Is this a typo, or do you have mis-formed log lines to deal with?

 

[vgersh99]

Something like that should give you a start.
Your example does not account for the 'todays date' - your example 8'th fields are from DIFFERENT dates.
You'll have to change the path names of 'morgan/log' and 'savedFile.txt' files.


#--------------------------- morgan.sh
#!/bin/ksh

#today=$(date +%m/%d/%y)
today='05/29/03'

#echo "today->[${today}]"

nawk -v today="${today}" '
BEGIN {
PAT_isfull="is full"
}
$1 == today && $0 ~ PAT_isfull && $8 !~ "C" { print $8 }
' morgan.log >> savedFile.txt


vlad
+----------------------------+
| #include<disclaimer.h> |
+----------------------------+

 

[morgaann]

this is a great start. I will work with this and hopefully get it working to my specifications.

Thanks for your help and if I need more guidance I will be back.

 

[morgaann]

I am trying to write the script in bourne shell using awk and while commands because that's all I am familiar with.

Is there any way that I could get help writing this script in the commands and shell that I am familiar with?

Thank you.

 

[vgersh99]

yes, there is!

What have you tried and what (if anything) is not working?

vlad
+----------------------------+
| #include<disclaimer.h> |
+----------------------------+

 

[morgaann]

Here's what I got so far. I figure I need to put it in a while loop because this log is constantly being written to and I need to catch the &quot;is full&quot; lines as they come in. The problem with what I've written is that when I get the value for $NAME(ie; NTmfs4) I want to print the full field (bak2.NTmfs4.060) and save it to a file. That is just not working out.



#!/bin/sh -x

LOGDIR=/nsr/logs/daemon.log
TODAY=`date +%m/%d/%y`
TAPEDIR=/var/tmp/extreme_cloning


RUN=true
while [ $RUN ]
do
Volume=`cat $LOGDIR | grep &quot;is full$&quot; | awk '{print $8}'`
NAME=`cat $LOGDIR |grep &quot;is full$&quot; | awk '{print $8}' | cut -d &quot;.&quot; -f2 | awk '{print $1}'`
LINE=`cat $LOGDIR | grep &quot;is full$&quot; | awk '{print $8}' | awk 'BEGIN {FS=&quot;.&quot;} {print NF}'`
if [ &quot;$LINE&quot; = &quot;3&quot; ] && [ &quot;$NAME&quot; = &quot;NTmfs4&quot; ]; then
#echo the Volume name containing the $NAME
else
echo &quot;Finish&quot;
exit
fi
done

 

[vgersh99]

hmmmmm.....
This is a 'bit' convoluted and I don't quite follow the logic.

It seems like a shell exercise and has very little to do with awk (this being an AWK forum. Most of your cat/grep/cut can be replaced with single AWK script (or so it seems).

Have you tried the awk script with a shell wrapper I've posted earlier?

If you wanna want to improve YOUR shell script, I'd suggest a different forum for that: UNIX scripting

vlad
+----------------------------+
| #include<disclaimer.h> |
+----------------------------+

 

[morgaann]

Thanks for the suggestion. My programming knowledge is very limited so I wasnt' sure which forum to post on. I will try this in the Unix Scripting forum.

I tried using the awk script you posted earlier but because of my limited knowledge, I couldn't make it work with what I already had.