Re: [gentoo-user] Time format in log files
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 29. Jan, Jan Seeger spammed my inbox with On Tue, 29. Jan, Peter Humphrey spammed my inbox with On Monday 28 January 2008 16:43:29 Jan Seeger wrote: snip Nope. I pasted that into a file called pipe, and it still returns Unix time stamps, thus: $ grep completed /var/log/emerge.log | tail | ./pipe 1201599475: ::: completed emerge (1 of 86) kde-base/arts-3.5.8 to / Also, you suddenly changed the timestamp and removed the '['s and ']'s. Regards Jan Seeger - -- thenybble.de/blog/ -- four bits at a time -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.7 (GNU/Linux) iD8DBQFHnwyWMmLQdC6jvocRApOsAJ4yzt/l+q1mD5KW/+umGbuOvstrogCfRrMv NCM5/7T8+exfhzrC9knqGE8= =2j6a -END PGP SIGNATURE- -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 29. Jan, Peter Humphrey spammed my inbox with On Monday 28 January 2008 16:43:29 Jan Seeger wrote: snip Nope. I pasted that into a file called pipe, and it still returns Unix time stamps, thus: $ grep completed /var/log/emerge.log | tail | ./pipe 1201599475: ::: completed emerge (1 of 86) kde-base/arts-3.5.8 to / Just execute the exact command line I gave you. Perl needs the command line arguments to work it's magic. - -- thenybble.de/blog/ -- four bits at a time -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.7 (GNU/Linux) iD8DBQFHnwwgMmLQdC6jvocRAk5NAJ93PwwcdZGa8kEMawJD2HnyHi0bFwCeOyz/ MeScJQlQzXCnbjqjnNZFTJo= =OLup -END PGP SIGNATURE- -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
On Monday 28 January 2008 16:43:29 Jan Seeger wrote: perl -npe '/^\[(\d+)\]/; @times = localtime $1; $times[4]++; $times[5]+=1900; s/\[\d+\]/$times[2]:$times[1] $times[3].$times[4].$times[5]/;' Just pipe your log through that and you will get beautiful (european) dates instead of timestamps. use perl or die()^^. s/or/and/ :-) I got it using the following jumbled one-liner: Nope. I pasted that into a file called pipe, and it still returns Unix time stamps, thus: $ grep completed /var/log/emerge.log | tail | ./pipe 1201599475: ::: completed emerge (1 of 86) kde-base/arts-3.5.8 to / ... Next? :-) -- Rgds Peter -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
On Tuesday 29 January 2008, Peter Humphrey wrote: Yes, it does here too*. I'm still scratching my head over how to pipe it into a command to filter grep output, but without involving much typing; that's why I went looking for someone else's solution. You probably already thought about this, but you can of course define an alias or script to avoid typing everything all the times. -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
On Sunday 27 January 2008, Mick wrote: On Sunday 27 January 2008, Greg Bowser wrote: Hi, Those dates are in a format called unix timestamps, which represent the number of seconds since the unix epoch (Jaunuary 1st, 1970). You can get the current unix timestamp via the date command (date +%s). As far as any command-line utility to convert them,I leave that to Google. However, most programming languages provide functions to convert between timestamp formats. Thanks Greg, It's amazing what one can dig out from Google: perl -pe 's/(\d+)/localtime($1)/e' /var/log/logfile_name I like this one too: # date -d @1200806556 Sun Jan 20 06:22:36 CET 2008 -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
On Sunday 27 January 2008 21:54:23 Mick wrote: Hi All, I am sure that someone has asked this before, but a cursory look doesn't bring anything up. I am going through some logs and I cannot understand what the time was when certain events took place: [1200806556] SERVICE ALERT: router.xxx [1200806576] SERVICE ALERT: router.xxx [1200806891] HOST ALERT: router.xx [1200806891] Could you please tell me how to interpret/parse these so that they show time in hrs:min so that I can understand it? (anything I could feed to less would be grand). I asked a similar question last year, in the hope of finding a tiny utility through which to pipe grep output. I was offered an Awk recipe, but I couldn't get it to work at the time. I'm still looking for an answer, and Google isn't helping me. Nor is my Bash Cookbook from O'Reilly. -- Rgds Peter -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
What you are looking at is a unix timestamp - seconds since 1/1/70 (from memory) A number of log analysers will convert it for you. I pipe squid logs and the like through cat logfile|ccze -C which will do the conversion on the fly. BillK On Mon, 2008-01-28 at 10:21 +, Peter Humphrey wrote: On Sunday 27 January 2008 21:54:23 Mick wrote: Hi All, I am sure that someone has asked this before, but a cursory look doesn't bring anything up. I am going through some logs and I cannot understand what the time was when certain events took place: [1200806556] SERVICE ALERT: router.xxx -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
On Monday 28 January 2008 12:07:45 William Kenworthy wrote: What you are looking at is a unix timestamp Yes, we've established that. A number of log analysers will convert it for you. I pipe squid logs and the like through cat logfile|ccze -C which will do the conversion on the fly. $ grep completed /var/log/emerge.log | ccze -C gives lines like this: 1197637365: ::: completed emerge (57 of 207) app-doc/xorg-docs-1.4-r1 to / and then the whole lot disappears at the end of the listing. I can't see anything in the manual to help (missing plugins or anything), so I'll have to abandon this one. Thanks anyway. -- Rgds Peter -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
On Monday 28 January 2008, Peter Humphrey wrote: $ grep completed /var/log/emerge.log | ccze -C gives lines like this: 1197637365: ::: completed emerge (57 of 207) app-doc/xorg-docs-1.4-r1 to / and then the whole lot disappears at the end of the listing. I can't see anything in the manual to help (missing plugins or anything), so I'll have to abandon this one. Thanks anyway. The solution Mick previously found seems to work just fine even with /var/log/emerge.log: # grep completed /var/log/emerge.log | perl -pe 's/(\d+)/localtime($1)/e' Tue Nov 2 16:57:54 2004: ::: completed emerge (1 of 1) sys-apps/portage-2.0.51-r2 to / Tue Nov 2 16:58:54 2004: ::: completed emerge (1 of 1) sys-apps/portage-2.0.51-r2 to / ... (output omitted) ... Mon Jan 28 14:14:44 2008: ::: completed emerge (6 of 7) x11-libs/wxGTK-2.6.4.0-r3 to / Mon Jan 28 14:14:47 2008: ::: completed emerge (7 of 7) app-admin/eselect-wxwidgets-0.7-r1 to / -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 28. Jan, Peter Humphrey spammed my inbox with On Sunday 27 January 2008 21:54:23 Mick wrote: Hi All, I am sure that someone has asked this before, but a cursory look doesn't bring anything up. I am going through some logs and I cannot understand what the time was when certain events took place: [1200806556] SERVICE ALERT: router.xxx [1200806576] SERVICE ALERT: router.xxx [1200806891] HOST ALERT: router.xx [1200806891] Could you please tell me how to interpret/parse these so that they show time in hrs:min so that I can understand it? (anything I could feed to less would be grand). use perl or die()^^. I got it using the following jumbled one-liner: perl -npe '/^\[(\d+)\]/; @times = localtime $1; $times[4]++; $times[5]+=1900; s/\[\d+\]/$times[2]:$times[1] $times[3].$times[4].$times[5]/;' Just pipe your log through that and you will get beautiful (european) dates instead of timestamps. Regards Jan Seeger -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.7 (GNU/Linux) iD8DBQFHngYwMmLQdC6jvocRAofjAKCNWtVhKGrGgukMX9LprFDt08qblgCglj40 L3DUKgZpph5DnAB6qE36tIk= =nyK3 -END PGP SIGNATURE- -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
Hi, Those dates are in a format called unix timestamps, which represent the number of seconds since the unix epoch (Jaunuary 1st, 1970). You can get the current unix timestamp via the date command (date +%s). As far as any command-line utility to convert them,I leave that to Google. However, most programming languages provide functions to convert between timestamp formats. -- Greg On Jan 27, 2008 4:54 PM, Mick [EMAIL PROTECTED] wrote: Hi All, I am sure that someone has asked this before, but a cursory look doesn't bring anything up. I am going through some logs and I cannot understand what the time was when certain events took place: [1200806556] SERVICE ALERT: router.xxx [1200806576] SERVICE ALERT: router.xxx [1200806891] HOST ALERT: router.xx [1200806891] Could you please tell me how to interpret/parse these so that they show time in hrs:min so that I can understand it? (anything I could feed to less would be grand). -- Regards, Mick -- gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] Time format in log files
On Sunday 27 January 2008, Greg Bowser wrote: Hi, Those dates are in a format called unix timestamps, which represent the number of seconds since the unix epoch (Jaunuary 1st, 1970). You can get the current unix timestamp via the date command (date +%s). As far as any command-line utility to convert them,I leave that to Google. However, most programming languages provide functions to convert between timestamp formats. Thanks Greg, It's amazing what one can dig out from Google: perl -pe 's/(\d+)/localtime($1)/e' /var/log/logfile_name -- Regards, Mick signature.asc Description: This is a digitally signed message part.
