I was trying to use awk command to extract contents from a log file for the last 5 mins. Below was the command I use
`awk -v d1="$(date --date="-5 min" "+%m/%d/%y %k:%M:%S:%3N")" -v d2="$(date "+%m/%d/%y %k:%M:%S:%3N")" '$0 > d1 && $0 < d2 || $0 ~ d2' /tmp/test.log
Found out the condition '$0 > d1 && $0 < d2 || $0 ~ d2'
only works on specific date formats. The date format in my log is below:
[2/9/17 13:30:35:552 EST]
The command I ran above didn't work..
But when I tested the other date format, like below: Feb 9 14:01
the condition worked.
awk -v d1="$(date --date="-30 min" "+%b %_d %H:%M")" -v d2="$(date "+%b %_d %H:%M")" '$0 > d1 && $0 < d2 || $0 ~ d2' /tmp/test2.log
Any idea why the condition doesn't work on this [2/9/17 13:30:35:552 EST] date format?