conf t

インフラエンジニアのメモ

apacheアクセスログを日付でgrepする際の文字生成

grepする対象はcombined形式のログ

# cat testlog2.log
127.0.0.1 - frank [04/Feb/2016:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 100 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"
127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 202 100 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"
127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 203 100 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"
127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 204 100 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"
127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 205 100 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"
127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 100 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"
127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 100 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"
127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 401 10 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"
127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 404 10 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"
127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 404 10 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"

1 今日のログをgrepする

# grep "$(env LANG=c date '+\[%d\/%b\/%Y')" testlog2.log
127.0.0.1 - frank [04/Feb/2016:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 100 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"

検証環境が日本語環境のため、dateコマンド実行時の言語を英語にする。Cはデフォルトという意味らしい。

2 昨日のログをgrepする

# grep "$(env LANG=c date -d '1 day ago' '+\[%d\/%b\/%Y')" testlog2.log
127.0.0.1 - frank [03/Feb/2016:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 100 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"

今日の日付をフォーマットで指定できると、応用としてこのように何日前というような相対的な指定ができるようになるメリットがある。