Search code examples
kshaix

Adding Current Date and Time in AWK pattern match with Wildcard

I have this logging string that I want to search for:

[Nov 18, 2019 8:53:36 AM] ProcessFlow RMI Server started at: 10.155.166.24:16003

I want to trap the month day, year and the string "RMI Server started"

I'm not having luck with this in AIX commandline:

$awk '$0 ~ /(date "+%b %d, %Y")*RMI Server started/' /lsf10/law/system/pfrmi.log

NOTE: it does capture the RMI Server Started - but all the dates of this message

Solution

  • First issue is the date call, while calling from within the awk script is doable, it's going to be easier if we make the call in ksh, store the result in a ksh variable, and then pass this variable into awk using the -v option.

    Second issue is the mixing of a (awk) variable and a regex for pattern matching; I find it's a bit easier to build a regex pattern first and then use said pattern for the actual pattern matching.

    But first some data ... assuming 'today' is 23 March 2021:

    $ cat pfrmi.log
[Mar  9, 2019 8:53:36 AM] ProcessFlow RMI Server started at: 10.155.166.24:16003   - skip this line
[Mar 23, 2021 8:53:36 AM] ProcessFlow RMI Server started at: 10.155.166.24:16003   - pick this line
[Nov 18, 2019 8:53:36 AM] some other  TOT Server started at: 10.155.166.24:16003   - skip this line
[Mar 23, 2021 8:53:36 AM] ProcessFlow RMI Server started at: 10.155.166.24:16003   - pick this line
  [Mar 23, 2021 8:53:36 AM] ProcessFlow RMI Server started at: 10.155.166.24:16003 - skip this line
[Nov 18, 2020 8:53:36 AM] ProcessFlow RMI Server started at: 10.155.166.24:16003   - skip this line

    Now the proposed code:

    $ today=$(date '+%b %d, %Y')
$ echo "${today}"
Mar 23, 2021

$ awk -v today="${today}" '                            # pass ksh variable into awk
BEGIN    { ptn="^[[]"today" .*RMI Server started" }    # build our regex pattern
$0 ~ ptn                                               # test current line against our regex and if it matches the line will be passed to stdout
' pfrmi.log

    For my sample data file this generates:

    [Mar 23, 2021 8:53:36 AM] ProcessFlow RMI Server started at: 10.155.166.24:16003 - pick this line
[Mar 23, 2021 8:53:36 AM] ProcessFlow RMI Server started at: 10.155.166.24:16003 - pick this line

    Collapsing the awk into a single-line command and removing the comments:

    awk -v today="${today}" 'BEGIN { ptn="^[[]"today" .*RMI Server started" } $0 ~ ptn' pfrmi.log