尝试过我的本地日志,它的工作原理。下面是用grep本身,寻找先从二月空间和所需的日期和一个更大的空间的模式/ ^二月日期/(即)行消息日志
**[[email protected] ~]# cat /var/log/messages**
Feb 9 03:40:04 applekm kernel: imklog 4.6.2, log source = /proc/kmsg started.
Feb 9 03:40:04 applekm rsyslogd: [origin software="rsyslogd" swVersion="4.6.2" x-pid="2077" x-info="http://www.rsyslog.com"] (re)start
Feb 9 03:40:24 applekm rhsmd: This system is registered to RHN Classic
Feb 10 03:10:03 applekm rhsmd: This system is registered to RHN Classic
Feb 11 03:14:28 applekm rhsmd: This system is registered to RHN Classic
Feb 11 11:59:28 applekm abrt[31046]: saved core dump of pid 31032 (/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/bin/java) to /var/spool/abrt/ccpp-2014-02-11-11:59:27-31032.new/coredump (590483456 bytes)
Feb 11 11:59:28 applekm abrt[31046]: /var/spool/abrt is 1738308913 bytes (more than 1279 MB), deleting 'ccpp-2014-01-07-20:49:05-7481'
Feb 12 03:49:07 applekm rhsmd: This system is registered to RHN Classic
Feb 12 11:32:37 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 11:32:37 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 11:32:37 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 11:32:37 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 11:32:37 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 11:32:37 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 23:16:19 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 23:16:19 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 23:16:19 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 23:16:19 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 23:16:19 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 12 23:16:19 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 03:44:47 applekm rhsmd: This system is registered to RHN Classic
Feb 13 12:10:01 applekm auditd[2050]: Audit daemon rotating log files
Feb 13 23:22:48 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 23:22:48 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 23:22:48 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 23:22:48 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 23:22:49 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 23:22:49 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 14 03:14:18 applekm rhsmd: This system is registered to RHN Classic
。
[[email protected] ~]# grep "^Feb 13 " /var/log/messages
Feb 13 03:44:47 applekm rhsmd: This system is registered to RHN Classic
Feb 13 12:10:01 applekm auditd[2050]: Audit daemon rotating log files
Feb 13 23:22:48 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 23:22:48 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 23:22:48 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 23:22:48 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 23:22:49 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
Feb 13 23:22:49 applekm SYMBDSNAP_SDK[1951]: Failed to open device: /dev/symbdsnapctl, errno: 2.
[[email protected] ~]#
[[email protected] ~]#
[[email protected] ~]# grep "^Feb 14 " /var/log/messages
Feb 14 03:14:18 applekm rhsmd: This system is registered to RHN Classic
[[email protected] ~]#
希望有所帮助。
我在我的/ var/log/messages上试过了类似的grep,它的grepping很好。 – Raghuram