# Simple test to extract just the command name and pid from the lines: # cut -d ' ' -f 5 messages.1 # Uncomment this to see what it looks like. # This code works for messages like 'sshd[12345]' # It removes all duplicates for messages like ' named ' # for msg in dhcpd last named ntpd sshd syslogd # do # for i in 20 21 22 23 24 25 26 27 # do # echo "There were `grep " $msg" messages.1 | grep "Dec $i" | cut -d ' ' -f 5 | sort -u | wc -l` $msg lines On Dec $i" # done # done # The time field is field 3. The duplicated messages will all occur on the # same second. for msg in dhcpd last named ntpd sshd syslogd do for i in 20 21 22 23 24 25 26 27 do echo "There were `grep " $msg" messages.1 | grep "Dec $i" | cut -d ' ' -f 3 | sort -u | wc -l` $msg lines On Dec $i" done done