Help with awk command 3

[johngiggs]

I am attempting to search the syslog for certain messages, but I cannot seem to get it to work. I used the command below to no avail. The variable YDAY is initiated in the profile and is exported.

In this case, YDAY=0900, so I'm basically searching for the strings "bkp33dly 0900 Completed" in the syslog.

awk -v YDAY="$YDAY" '/bkp33dly YDAY Completed/{print}' /var/adm/syslog/syslog.log

I am testing it in the command line prior to compiling a larger awk script.

Any help would be greatly appreciated.

Thanks,

John

 

[PHV]

Try this:

awk '/bkp33dly '"$YDAY"' Completed/{print}' /var/adm/syslog/syslog.log

or simpler:

fgrep "bkp33dly $YDAY Completed" /var/adm/syslog/syslog.log

Hope This Help
PH.

 

[johngiggs]

PHV,

Thanks, the awk script works well. I wasn't aware that I could use that syntax rather than the awk -v.

John

 

[PHV]

In awk you can't put a variable inside a /pattern/.
If you insist with -v:

awk -v YDAY="$YDAY" '
{if($0~"bkp33dly "YDAY" Completed") print
}' /var/adm/syslog/syslog.log

Hope This Help
PH.

 

[johngiggs]

PHV,

Unless I am doing something wrong, it does not seem to work when it used in an awk script invoked with the awk -f command. How would I go about setting the variable for use with awk? The -v syntax I have tried does not seem to work.

Thanks,

John

 

[vgersh99]

nawk -v YDAY="$YDAY" '
$0 ~ ("bkp33dly " YDAY " Completed&quot' /var/adm/syslog/syslog.log

vlad
+----------------------------+
| #include<disclaimer.h> |
+----------------------------+

 

[johngiggs]

PHV,

Basically, what I am trying to accomplish is to search the syslog for multiple strings. I will be invoking the command as follows:

awk -v variable definition -f scriptname file

My awk script currently looks like this:

/bkp33dly YDAY Completed/{print}
/bkp08dly YDAY Completed/{print}
...

Any help would be greatly appreciated.

Thanks,

John

 

[vgersh99]

'multiple' as in what?

Either one of the strings?
All of the strings?
All of the strings appearing in particular sequence?

A sample input and a desired output could be helpful.

Hint: you might be better of with 'egrep'

vlad
+----------------------------+
| #include<disclaimer.h> |
+----------------------------+

 

[PHV]

Something like this in awk script ?

$0~("bkp33dly "YDAY" Completed){print}
$0~("bkp08dly "YDAY" Completed){print}

Hope This Help
PH.

 

[johngiggs]

Vlad,

Below I used grep to give you an example as to what the input (the syslog in this case) contains for one of the examples I am looking for.

server_A : grep 'bkp03dly 0900 Completed' $SYSLOG
Dec 9 05:26:39 sysmgt root: .CASH_I_0060 bkp03dly 0900 Completed at 05.26.39, code: 00000000

There are a bunch of jobs that run daily and entries are logged in the syslog. I am just looking for the completion messages to verify that they have completed. The variables YDAY and DAY are 4 character strings that are defined in my .profile. DAY is the current day of the month followed by 00, so today, for example would be 1100 and YDAY is the previous day, so that would be 1000. Some of the jobs run late at night and do not complete the same day I do the query, so for those, I would be using YDAY rather than DAY. What I'm trying to accomplish is quite simple, but I'm probably not doing a good job explaining it. In my awk script I have over 100 jobs which I am searching for in the syslog.

So basically the awk script has the following:

jobname YDAY Completed
jobname2 DAY Completed
...

I initially tried setting up the awk script to look like this:

/bkp33dly YDAY Completed/{print}
/bkp30dly DAY Completed/{print}
...

and I tried to invoke it using the following command:

awk -v YDAY=&quot;$YDAY&quot; -v DAY=&quot;$DAY&quot; -f awk.script inputfile

Apparently I am doing something wrong as I have not been able to get the desired results. For now, I would be happy with seeing the entire line printed and I will filter it out a little more after I achieve the desired result.

Thanks,

John

 

[vgersh99]

try something like that:

nawk -v DAY=&quot;${DAY}&quot; -v YDAY=&quot;${YDAY}&quot; -f johng.awk inputfile

#------------------ johng.awk
BEGIN {
PAT=&quot;(&quot; YDAY &quot|( &quot; DAY &quot.*Completed&quot;
}

$0 ~ PAT

vlad
+----------------------------+
| #include<disclaimer.h> |
+----------------------------+

 

[johngiggs]

Vlad,

I tested it on another machine and that works well, unfortunately, the server I would like to use it on does not have nawk installed...Is there a similar solution using awk?

Thanks,

John

 

[johngiggs]

PHV & Vlad,

I think I have it working fine now, however it seems to be very CPU intensive. I am using the following command to execute the awk script.

awk -v YDAY=&quot;$YDAY&quot; -v DAY=&quot;$DAY&quot; -f chk.awk $SYSLOG

{if($0~&quot;bkp33dly &quot;YDAY&quot; Completed&quot print}
{if($0~&quot;hypdaily &quot;DAY&quot; Completed&quot print}
{if($0~&quot;bkp18dly &quot;DAY&quot; Completed&quot print}
{if($0~&quot;bkp13tue &quot;DAY&quot; Completed&quot print}
...

Is there a different way that I can set up the script so that it isn't so CPU intensive or an alternate solution?

Thanks,

John

 

[johngiggs]

I have decided to use grep to extract the data from the syslog and then use awk to format the script the way I would like. PHV and Vlad, thank you both for all of your help. I really appreciate it.

Thanks,

John

 

[Ygor]

Could use grep (as suggested), like...
[tt]
cat <<!! >$TMPFILE
bkp33dly $YDAY Completed
hypdaily $DAY Completed
bkp18dly $DAY Completed
bkp13tue $DAY Completed
!!
grep -f $TMPFILE $SYSLOG
[/tt]