The linux way to do things

Quickly analyze multiple log files

If just like me, you are using logrotate to manage your logs, you are probably also using its “compress” options (if not, then you should) which gzip (by default) the log after rotating it in order to save up some space.  Recently, a customer called me complaining that he didn’t receive an email sent to him few days ago.  I then proceeded to ask him which exact day the email was sent but he wasn’t sure since the sender had emptied its “sent items” list (???).

In short, I had to find it through all my postfix log files (we keep a week long and daily log files are compressed).  The usual way would be to unzip and analyze each log file until we find what we are looking for.  Doing that for 7 files isn’t that bad but what If we had 30 files to analyse, there must be a better way…

Indeed, to quickly solve this issue, you can use a for loop and the cat command :

[hudony@smtp log]# for i in $(ls maillog*.gz);do gunzip -c $i >> /tmp/logfile; done

The result is only one log file (which could be very big so be careful) containing all the useful data.

Be Sociable, Share!

Categorised as: Bash

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>