Tool to correlate logs by timestamp

log-filesloggingshell-scripting

I have various log files, some with the same format (webserver + webserver SSL), some with different formats and even different timestamps.

How can I correlate these log files together in a simple console tool?

Bonus question: Some logs might not have a timestamp in every line, such as exception logs – that start with a time stamp, followed by the exception:

2012-11-12T10:16:38+00:00 ERR (3): 
exception 'Exception' with message 'joinAttribute not implemented' in /var/foo/Bar.php:123
Stack trace:

Best Answer

You can use Simple Event Correlator (SEC) for this.

http://simple-evcorr.sourceforge.net/

Related Solutions

Web-server – ny standard log format that includes time taken to serve the request? Can i just add it without breaking standard logfile parsers

I'm not sure if that will work or not, but I'd go for something a bit different. Setup another LogFormat and CustomLog just for your metrics gathering.

LogFormat "%O %D" metrics
CustomLog "|/usr/local/bin/gather_metrics" metrics

How to programmatically convert putty logs to human-readable, searchable files

Assuming the escape codes in the putty file are in binary(im a little confused why your example has control characters - im guessing less did that), you can try col

http://man7.org/linux/man-pages/man1/col.1.html

The control sequences for carriage motion that col understands and their decimal values are listed in the following table:

          ESC-7             reverse line feed (escape then 7)
          ESC-8             half reverse line feed (escape then 8)
          ESC-9             half forward line feed (escape then 9)
          backspace         moves back one column (8); ignored in the
                            first column
          newline           forward line feed (10); also does carriage
                            return
          carriage return   (13)
          shift in          shift to normal character set (15)
          shift out         shift to alternate character set (14)
          space             moves forward one column (32)
          tab               moves forward to next tab stop (9)
          vertical tab      reverse line feed (11)

Best Answer

Related Solutions

Web-server – ny standard log format that includes time taken to serve the request? Can i just add it without breaking standard logfile parsers

How to programmatically convert putty logs to human-readable, searchable files

Related Topic