I am fetching a log file radius.log which is basically a large file. It contains logs for multiple users.
First Command
tail -n 20 /tmp/radius.log
This returns the last 20 logs. And that is what was expected from the command.
Second Command
tail -n 20 /tmp/radius.log | grep "username"
What I am trying to achieve is to get last 20 logs for each user as well. Here is where I am facing the issue. It is only returning the last log (last 1 log) for the user. That is also expected because it only searches for username in the last 10 logs.
When I increase the number of lines to be returned say 200, I can see the remaining logs for the user.
tail -n 20 /tmp/radius.log | grep "username"
But is there a command which will only get the last 20 logs for a particular user?
grep "username" /tmp/radius.log | tail -n 20
This solution works perfectly fine. It first gets all logs for username and then tails the last 20 logs. But this is a time consuming process.
Still trying for a efficient one.
You have to execute grep at first and then your tail
grep "username" /tmp/radius.log | tail -n 20
The other way with some missing results is to use tail 2 times
tail -n 5000 /tmp/radius.log | grep "username" | tail -n 20
And the other good way is to convert your log into a DB (MySQL with TokuDB)