Major part of my work involves checking for certain events in log files and try to trace out activities that happened just before and after these events. This is commonly called Root Cause Analysis (RCA).
Earlier , when I was new into this job , I used to do a "less" on the log files , one by one .
Then scroll page by page in each log to find out where the interesting parts were.
It became easier , when I learned about the "/" in "less" . If ya hit "/" when in less , you can perform a simple search , and sort through the results by "n"(next).
Now I don't even do that , I just do a
grep -i "event_im_searching_for" "list_of_log files or wildcards" -A5 -B5
The A5 , B5 give me 5 log entries before and after the event ! Can't get any better than this.
This may look childish to a Unix guru , he would probably use some regexes with grep to do this even better . But I'm learning , I'll get there.
skip to main |
skip to sidebar
About Me
Post Topics
- Mordor (Bangalore) (8)
- My first blog attempt (1)
- Ramblings (15)
- technology (6)
- Ubuntu (2)
No comments:
Post a Comment