*nice* maillog output

Craig Tinson craig at 8010.co.uk
Tue Jun 22 20:58:07 UTC 2004 

>
>
>
>You can always try using awk, sed, and grep to manipulate the output stream.
>Here's something to get you started:
>
>tail /var/log/maillog | awk '{print $1" "$2" - ("$3")"}'
>
>Awk can automatically separate elements of a line when they are separated by
>whitespace.  The first element is referred to as $1, the second $2, etc.
>The above command will print out the date like you wanted:
>
>Jun 22 - (20:20:30)
>
>Use quotation marks to create static values in the output.  Grep will allow
>you to easily select lines that you want in the output but you'll have to be
>sure you accurately identify only those lines you want.  It can also be used
>in the format "grep -v" to output everything BUT the pattern that follows.
>You can pipe the stream though grep first to limit the lines you process
>like this:
>
>tail /var/log/maillog | grep message | grep -v sent | awk '{print $1" "$2" -
>("$3")"}'
>
>The above will only process lines that have the word "message" in them and
>also don't contain the word "sent".  The solution you will need will really
>depend on how many different types of line formats you need to process and
>how different they are from one another with respect to the relative
>positions of the pieces of the line you want to use.  If the types of lines
>you are looking to extract are too different, then this apporach won't work
>too well.  At that point you might want to look into using something like
>Perl which was built for tasks like this.
>
>Another useful command to use is sed, but regular expressions are a bit more
>complicated and difficult to cover adequately in an email message.
>Basically, they allow extremely complex pattern matching and replacement
>once you learn the syntax.  Again, your success rate will depend on the
>relative differences between line formats.  If you do some digging and look
>up these commands, you'll find some really cool stuff even if it doesn't
>help with this particular problem.
>
>I hope this helps.  :)
>
>
>Shockwave
>
>
>  
>
oooh.. missed this one.. this looks interesting...

thanks.. will have a play! :)

Craig

More information about the fedora-list mailing list