Check log files with grep

I sometime need to check some logs and I do this with this command:

egrep -o "p1|p2|...|pn" filename | sort | uniq -c

Example:

egrep -o "success|error|fail" test_file | sort | uniq -c

Sample input:

test started at 00:00
test delete fail
test error
test connect success
test insert success
test started at 00:00
test delete fail
test error
test connect success
test insert success
test started at 00:00
test delete  fail
test error
test connect success
test insert success
test started at 00:00
test delete  fail
test error
test connect success
test insert success

Sample output:

4 error
4 fail
8 success

How it works?

egrep -o "success|error|fail" test_file

From grep manual:

egrep – print lines matching a pattern
-o – Print only the matched (non-empty) parts of a matching line, with each such part on a separate output line.

“success|error|fail” – patterns
test_file – input file

If we run only egrep -o “success|error|fail” test_file we get this:

fail
error
success
success
fail
error
success
success
fail
error
success
success
fail
error
success
success

next we need to send grep output to sort:

| sort

From sort manual:

sort – sort lines of text files

After sort is completed we have this:

error
error
error
error
fail
fail
fail
fail
success
success
success
success
success
success
success
success

now we need to send sort output to uniq command:

| uniq -c

From uniq manual:

uniq – report or omit repeated lines
-c – prefix lines by the number of occurrences

After this, we have what we wanted:

4 error
4 fail
8 success

This is all for today. I hope that this will help you to check huge log files!

No Comments Yet.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.