Anybody?
(Oh yeah, and what's with the banner at the top of the forum?)
Linux Log Files: No Years
Small extract from a Linux log file:
The only problem is that there are no years listed, which is a pain when performing any sort of meaningful analysis of the logs.Code:Jul 9 10:46:33 ##### sshd[655]: Received signal 15; terminating. Jul 10 06:03:35 ##### sshd[656]: Server listening on 0.0.0.0 port 22. Jul 10 06:03:35 ##### sshd[656]: Generating 768 bit RSA key. Jul 10 06:03:35 ##### sshd[656]: RSA key generation complete.
Anybody got any ideas if there's a way to determine the year that a log file entry was made? Am I missing something silly/easy/obvious?
Thanks
Anybody?
(Oh yeah, and what's with the banner at the top of the forum?)
Do any months occur in more than on block? i.e.: Are there two July entries seperated by 11 months of other entries?
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
Not that I saw, none of the months were repeated (I'm guessing the logs came from a system that had been up and running for less than a year in total) - just trying to work out if there was a way from the log (or possibly) from somewhere else, to tell what year the logs had been written.
Thanks
Have you tried grep'ing/search'ing for 2008 or 2007? (or even 200, though depending on the log and messages that might match things you don't care about).
There might be a startup or shutdown message that includes full date/time.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
Posting Permissions