Append timestamp to log entries generated from AWK script

Question

The script already logs the output to a file called "server_mon.txt. I would like to append a timestamp to each entry for the purpose of tracking server activity.

I now understand that standard AWK doesn't have an inherent time/date function that can easily be assigned to a variable. I attempted the following but didn't work for me:

tail -fn0 /var/log/user | /usr/bin/awk '
BEGIN {
    str = "date +%Y-%m-%d";
    str = | getline date;
    close str;

The following is my full script so far:

#!/bin/bash
PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin

tail -fn0 /var/log/user | /usr/bin/awk '
    /disconnect_tcp_conn/ { report("down") }
    /daemon apps started/  { report("up") }

    function report(curr_state,    msg) {
        if ( prev_state != curr_state ) {
            msg = "Server is " curr_state
            system("mail -s \047" msg "\047 [email protected] </dev/null")
            print msg | "cat>&2"
            prev_state = curr_state
        }
    }
'

 &
PID=$!

DIEAT=`expr $SECONDS + 58`
while [ -d /proc/$PID ] && [ "$SECONDS" -lt "$DIEAT" ]
do
        sleep 1
done

[ -d /proc/$PID ] && kill "$PID"
wait

Expect to see a timestamp associated with each log entry to server_mon.txt.

Thanks

Does the log file you're tailing already have timestamps when disconnect_tcp_conn and daemon apps started occur? If so show that section of the log file in your question. — Ed Morton
– Ed Morton, Commented May 17, 2019 at 23:13
The log file does have time and date but it also has a lot of unnecessary info that I would need to filter out.. — Sceptersax
– Sceptersax, Commented May 17, 2019 at 23:22
awk was specifically created to filter text so that's probably trivial. It'll be much more efficient to print the timestamps already present in your log file than to create them for every line of output, especially if you don't have GNU awk. — Ed Morton
– Ed Morton, Commented May 17, 2019 at 23:24
So filtering out the irrelevant text is going to be easier then appending the AWK systime function then? — Sceptersax
– Sceptersax, Commented May 17, 2019 at 23:41
idk about easier but I expect it'll be more efficient. I'm expecting it to be absolutely trivial but until I can see a sample of your log file idk for sure what extra work is involved. Do you have GNU awk then? That's the only one with a systime() function. — Ed Morton
– Ed Morton, Commented May 17, 2019 at 23:43

Ed Morton · Accepted Answer · 2019-05-17 23:52:25Z

3

I highly recommend just reading and printing the timestanps already present in your log file but if that's not an option for some reson then here are you choices:

GUN awk:

$ awk 'BEGIN{ timestamp = strftime("%F %T"); print timestamp }'
2019-05-17 18:40:56

Any awk (much less efficient due to spawning a shell for every call to date):

$ awk 'BEGIN{ cmd="date \"+%F %T\""; timestamp=( (cmd | getline line) > 0 ? line : "N/A"); print timestamp }'
2019-05-17 18:40:59

Put the code where you need to generate the timestamp, I just have it in the BEGIN section to demonstrate how to write the code to generate a timestamp and save it in a variable.

edited May 17, 2019 at 23:52

answered May 17, 2019 at 23:39

Ed Morton

209k18 gold badges90 silver badges212 bronze badges

Sign up to request clarification or add additional context in comments.

Comments

Dudi Boy · Accepted Answer · 2019-05-17 22:09:27Z

3

Assuming each line in the log file is a log entry.

If you want to append timestamp to each line in a file. This is the awk script:

awk '{ print(strftime(), $0); }' input.txt

To learn more about awk time and data funtion read the documentation here.

strftime() function can be configured to your date/time format with parameters.

answered May 17, 2019 at 22:09

Dudi Boy

1

Comments

Kelly Anderson · Accepted Answer · 2019-05-17 21:50:51Z

0

Unless I don't understand something about your environment...

systime() returns seconds since Jan 1, 1970

and

mktime(datespec) and strftime([format [, timestamp[, utc-flag]]]) convert that timestamp to useful strings.

See: https://www.tutorialspoint.com/awk/awk_time_functions.htm for details.

answered May 17, 2019 at 21:50

Kelly Anderson

12 bronze badges

Comments

Sceptersax · Accepted Answer · 2019-08-06 01:02:37Z

I know there were other answers but in case anyone wants to know what I ended up using and working for my purpose.. here it is:

 msg = "%m/%d/%Y %H:%M:%S 

print strftime(msg) | "tee -a

I ended up using GAWK instead of AWK

This allowed me to have a time and date on the log file in GAWK.

#!/bin/bash
PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin

tail -fn0 /var/log/user | /usr/bin/gawk '
    /disconnect_tcp_conn/ { report("down") }
    /daemon apps started/  { report("up") }

    function report(curr_state,    msg) {
        if ( prev_state != curr_state ) {
            msg = "%m/%d/%Y %H:%M:%S "Server is " curr_state
            system("mail -s \047" strftime(msg) "\047 [email protected] </dev/null")
            # print msg | "cat>&2"
            print strftime(msg) | "tee -a \047/var/log/server_mon.txt\047 >&2"
            prev_state = curr_state
        }
    }
'

Collectives™ on Stack Overflow

Append timestamp to log entries generated from AWK script

4 Answers 4

Comments

Comments

Comments

Comments

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

4 Answers 4

Comments

Comments

Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Linked

Related