the following awk could help you to process file content after certain line-number.
does matching and apply conditions.
cat audit.log | awk ‘ BEGIN { i=0;found=0} { i=i+1; if ( i >= 2430344 ) { regex1=”userGroup”;regex2=”pcl”;result1=0; result2=0; result1=match($9,regex1); result2=match($9,regex2);if ( result1 || result2) { found=1; };regex3=”exit”;result3=0;result3=match($9,regex3); if ( result3 && found) { print $_;found=0 } if (found) { print $_ } } }’ > /tmp/cli.txt
Advertisement
