Command line
nEkToSAN, 2021-11-23 14:49:53

Linux: how to copy part of the logs from a file to a new file using several filters?

Good afternoon!
There is a Cisco ASA log file stored on an Ubuntu server: file.log. The file is not small, more than 4 gigabytes. I need to copy part of the logs to a new file using several filters:
- all lines that include the text "11.11.11.11/111" (IP address and port)
- and the fragment should begin with the lines that show a time of, let's say, 19:00, and end with the lines where the time is 21:00 (in short, a certain period of time).
I have reviewed the articles and Q&A threads on this topic (on cut, head, tail, awk and a few other text tools), but to be honest, I have not yet managed to put together in my mind a complete picture of what the command for copying with the given filters should look like.
Please let me know which command can do this. Or is it better to break it into parts and copy the fragment first by one filter, and then by another?


2 answer(s)
trypzz, 2021-11-23
@trypzz

Regular expressions (regexp) will help you. After you write a regular expression: output the file -> filter -> redirect the filtered output to a new file. Something like:
grep -e "regular" old_file.log > new_file.log

Saboteur, 2021-11-23
@saboteur_kiev

Read about sed, it is just right for your situation.

sed -n '/19:00/,/21:00/{/11\.11\.11\.11\/111/p}' file.log > newfile.log
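
A single-pass awk alternative to the sed range above, added here as an example and not taken from either answer: it compares the timestamp field instead of relying on lines that literally contain 19:00 and 21:00, and it matches the endpoint as a literal string with boundaries. It assumes the traditional syslog prefix "Mon DD HH:MM:SS host", so the time is field 3; the names filter_window and sample_log and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: time-window + exact endpoint filter for syslog-style ASA logs.
# Assumption: lines start with "Mon DD HH:MM:SS host ...", so the time is
# whitespace-separated field 3. Change $3 if your collector uses another prefix.

# filter_window START END ENDPOINT [FILE]
#   START/END are HH:MM:SS (inclusive); ENDPOINT is a literal "ip/port".
#   Real use: filter_window 19:00:00 21:00:00 11.11.11.11/111 file.log > newfile.log
filter_window() {
    LC_ALL=C awk -v start="$1" -v end="$2" -v needle="$3" '
        # Literal match with boundaries, so 11.11.11.11/111 does not also
        # hit 211.11.11.11/111 or 11.11.11.11/1111.
        function has_endpoint(line,    off, pos, before, after) {
            off = 0
            while ((pos = index(substr(line, off + 1), needle)) > 0) {
                pos += off
                before = (pos > 1) ? substr(line, pos - 1, 1) : ""
                after  = substr(line, pos + length(needle), 1)
                if (before !~ /[0-9.]/ && after !~ /[0-9]/) return 1
                off = pos
            }
            return 0
        }
        # HH:MM:SS is fixed width, so string comparison orders it correctly.
        # Appending "" forces a string (not numeric) comparison.
        ($3 "") >= start && ($3 "") <= end && has_endpoint($0)
    ' "${4:--}"
}

# Constructed sample lines (not real traffic).
sample_log() {
    cat <<'EOF'
Nov 23 18:59:58 asa %ASA-6-302013: Built outbound TCP connection 1 for outside:11.11.11.11/111 (11.11.11.11/111) to inside:10.0.0.5/40001 (10.0.0.5/40001)
Nov 23 19:00:00 asa %ASA-6-302013: Built outbound TCP connection 2 for outside:11.11.11.11/111 (11.11.11.11/111) to inside:10.0.0.5/40002 (10.0.0.5/40002)
Nov 23 19:30:12 asa %ASA-6-302013: Built outbound TCP connection 3 for outside:11.11.11.11/1111 (11.11.11.11/1111) to inside:10.0.0.5/40003 (10.0.0.5/40003)
Nov 23 20:15:40 asa %ASA-6-302013: Built outbound TCP connection 4 for outside:211.11.11.11/111 (211.11.11.11/111) to inside:10.0.0.5/40004 (10.0.0.5/40004)
Nov 23 20:59:59 asa %ASA-6-302014: Teardown TCP connection 2 for outside:11.11.11.11/111 to inside:10.0.0.5/40002 duration 1:59:59 bytes 4096
Nov 23 21:00:01 asa %ASA-6-302013: Built outbound TCP connection 5 for outside:11.11.11.11/111 (11.11.11.11/111) to inside:10.0.0.5/40005 (10.0.0.5/40005)
EOF
}

# Demo on the constructed sample (read from stdin): prints the two
# "connection 2" lines, the only ones inside the window for that endpoint.
sample_log | filter_window 19:00:00 21:00:00 11.11.11.11/111
```

If the file covers several days, this selects the window on every day; add a test on fields 1 and 2 to pin the date.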
