Combination of cat and grep Commands to Filter Output

Cause

I have a log, where the log records all application activity on the server, and the log confirmed by the request time, at one time there was a case where I was required to retrieve the log and must select only logs on "25 October 2020" with a request time of "more than 6 seconds".

Ex. Log :

127.0.0.1 - - [25/Oct/2020:12:00:00 +0700] TLSv1.2/ECDHE-RSA-AES256-SHA384 "POST /kitsake/blogspot/com HTTP/1.1" 200 765 0.336 "-" "-" "-" "0.336"

ex output of log format

Wich one :

127.0.0.1 : Sender's IP
[25/Oct/2020:12:00:00 +0700] : date:time:gmt
TLSv1.2/ECDHE-RSA-AES256-SHA384 : TLS Information from the Sender
"POST /kitsake/blogspot/com HTTP/1.1" 200 : Sent with a Status of 200 
0.336 "-" "-" "-" "0.336" : Request Time Information with Second Calculation

Resolution

From the log we can get the format information of the output that is displayed, and now we create a command which combined "cat: to browse the file" "grep: to filter what you want to display"

Command

# cat [filenameoflog] |grep [date/time/gmt] |grep [requesttime]

In this case, I took the request time format that was "x.xxx", keep in mind that the character must also be entered because it is very sensitive. so because from the start we will take logs that are longer than 6 seconds so:

"[6-9] =" 6,7,8,9 seconds
. [0-9] = "1,2,3,4,5,6,7,8,9 milliseconds
[0-9] = "1,2,3,4,5,6,7,8,9 milliseconds
[0-9] "=" 1,2,3,4,5,6,7,8,9 milliseconds

Trying

ok let's try with the command below

# cat kitsake.blogspot.com.log | grep '25/Oct/2020' | grep '"[6-9].[0-9][0-9][0-9]"' | grep '"[1-9][1-9].[0-9][0-9][0-9]"'

ex output of log with filtering

Maybe that's all I can share with you guys, hopefully this article will be useful.

Thank You.