bash only email if occurrence since last alert

前端 未结 1 1590
死守一世寂寞
死守一世寂寞 2021-01-27 10:27

I\'m monitoring a log file for a specific word and using tac to output the 5 lines before and after it

#!/bin/bash
tac /var/log/syslog |grep -m1 -A5 -B5 \'WORD\'         


        
相关标签:
1条回答
  • 2021-01-27 11:24

    You should only search trough last 5 min of data:

    data5m=$(awk '$0>=from' from="$(date +"%b %e %H:%M:%S" -d -5min)" /var/log/syslog)
    

    Then you can grep from this data:

    grep -m1 -C5 'WORD' <<< "$data5m"
    

    Update:

    awk '$0>=from' from="$(date +"%b %e %H:%M:%S" -d -5min)" /var/log/syslog | grep -m1 -C5 'WORD'
    

    Or all in one awk

    awk '{a[NR]=$0} /pattern/ && $0>=from {f=NR} END {for (i=f-5;i<=f+5;i++) print a[i]}' from="$(date +"%b %e %H:%M:%S" -d -5min)" /var/log/syslog
    
    0 讨论(0)
提交回复
热议问题