squid log file question

[mragain]

I'm trying to use awk to print out the contents of the squid log relative to a specific IP address. The challenge is reformating the linux time stamp back out to a readable format of day:hour:minute:seconds

I've searched with google and in these news groups, but haven't been able to find and sample code on how to do this. Thanks in advance for the help.

mragain

 

[thedaver]

You could cram the records into a suitable mysql table and let mysql's unixtime to date string conversions do all the heavy lifting....

Internet Directory

http://dir.surfinbox.com/dir.php/Top

 

[mragain]

I haven't install mysql on the box and may need to look at that in the future, but I've seen this done before using an awk commmand line string.

 

[xmb]

MrAgain, there was recently a thread about it in the scripting thread, used gawk to compare seconds made up of dates extracted, thread822-1013821.
Search for mktime in the gawk man page to see the syntax gawk eats dates to seconds. Whats the format in your log anyway?

. Mac for productivity
.. Linux for developement
... Windows for solitaire

 

[mragain]

I actually found what I was looking for. To search the access.log file for a specific ip the command line is:

grep ip access.log | awk '{print (strftime("%D %r",$1)"\t"$3"\t"$7 )}'

 

[xmb]

awk -v OFS=\\t "/$ip/ { print strftime( .. $1 ), $3, $7 }" access.log # but aint faster, so nevermind.