How to grep a log file within a specific time period
egrep '^[^ ]+ (0[89]|1[0-9]|2[012]):'
Detailed explanation can be found in various regex (regular expression) tutorials; egrep uses "POSIX extended" syntax (man 7 regex).
The first
^means "start of the line".[^ ]+just matches the date field, regardless of the actual date.[...]means "any character between the brackets", so[89]will match either8or9;[0-9]is any number, and[^ ]is anything except a space (because of the^inside brackets).+means "one or more of the previous" (for example,a+would matcha,aaa, andaaaaaaaa).So
^[^ ]+will start with the beginning of line, and match as many non-space characters as it can.
(...|...|...)means "either of the given patterns", so(0[89]|1[0-9]|2[012])means "either0[89]or1[0-9]or2[012]". It will match all numbers from 08 to 22.
A somewhat better option is:
awk -F'[: ]' '$2 >= 8 && $2 <= 22 { print }'
The -F option splits every line into separate fields according to the [: ] regex (matching either : or a space), and the awk script checks the 2nd column (the hour).
Why bother using grep? You can simply use sed.
example:
sed -n '/Jun 17 13:39:54/ , /Jun 18 10:50:28/p' kern.log
This will print all the logs between June 17 13:39:54 and June 18 10:50:28