Reputation:
find the lines where sequence/sorting is broken in linux
I have a log file which contains lot of logs and first column contains the epoch time stamp, Ideally they should be in sequence/sorted. however if something goes wrong in system timestamp resets to some default value and sequence breaks and restarts. I am trying to find the lines where sequence/sorting is getting borken. Please notice the sequence number in column one.
For example:
101 aaa bbb ccc
102 aa dd ff gg
103 asd asd asdas
104 something goes wrong
101 restarting the time stamp
103 new start
104 going fine
105 smae here
102 ahh something unexpected
Desired output:
104 something goes wrong
101 restarting the time stamp
105 smae here
102 ahh something unexpected
sort -c helps, but I cannot store its output to any file for further processing. Please let me know if any alternate way is possible.
Upvotes: 0
Views: 47
Answers (1)
Reputation: 44063
With awk:
awk '$1 < prev { print saved "\n" $0 "\n" } { prev = $1; saved = $0 }' filename
There's not much to explain here, as you can see:
$1 < prev { # if a line is out of order
print saved "\n" $0 "\n" # print it and the previous line
}
{ # and for all lines:
prev = $1 # remember the things you need to determine
saved = $0 # when that is the case.
}
prev is initially empty and considered equal to zero, which should be fine for Epoch time stamps unless you have log entries from before 1970. If you do, replace $1 < prev with NR > 1 && $1 < prev, since the first line cannot be out of order.
Upvotes: 1
Related Questions
- Re-order or sort line by line
- sort write failed standard output broken pipe--Linux
- sorting with bash, how to sort output from awk
- Piping awk through to sort doesn't sort correctly
- How to combine ascending and descending sorting?
- Linux awk sort descending order not working
- how to sort lines where sorting starts when a delimeter comes (linux)
- Conditional Sort using Awk or sort
- stable sort in linux
- sorting group of lines