Bash: Grep logrotated files from specific date to end of file

From FVue
Jump to: navigation, search

Problem

Exim log files are generated like this: 

main.log
main.log-20201231
main.log-20201230.gz
main.log-20201229.gz
main.log-20201228.gz
:
main.log-20201215.gz

with lines starting with a timestamp like this: 

2020-12-31 09:53:58 foobar

How can you grep the log files from a specific date/time to the end of the file? Suppose I only want to search for errors in the last three days?

Solution

List the files in the correct order and pass them to zcat to create one large file, then use sed to start printing from a given date. 

#!/usr/bin/bash
 
shopt -s extglob
 
function main() {
    local startdate=$(date '+%Y-%m-%d' --date '3 days ago')
    local dir=/var/log/exim
    {
        ls -1tr $dir/main.log-*.gz
        ls -1 $dir/main.log-+([0-9])
        ls -1 $dir/main.log
    } | xargs zcat -f | sed -n "/^$startdate/,\$p"
}
 
main | exigrep error
Retrieved from "https://fvue.nl/w/index.php?title=Bash:_Grep_logrotated_files_from_specific_date_to_end_of_file&oldid=10856"