Getting process from yesterday - linux

I want to obtain all the processes that are running in the system, but only from yesterday.
I am using this: ps -eo etime,pid
but I need to list only the processes from yesterday. Any idea?
INFO: active from yesterday, process actually running from yesterday
Thanks in advance

If you want all the pids that have been running for more than 1 day but less than 2:
ps -e -o pid= -o etime= | sed 's/^ *//' | awk -F '[ -]+' 'NF>2 && $2==1 {print $1}'
If you want just more than 1 day, change it to $2>=1
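The same filter as a general age window, as an added example that is not part of the original answer: it converts the etime format ([[dd-]hh:]mm:ss) to seconds so any range can be selected, not only whole days. The function names and the sample ps output are constructed for illustration.

```sh
#!/bin/sh
# Convert a ps etime value ([[dd-]hh:]mm:ss) to seconds.
etime_to_seconds() {
    printf '%s\n' "$1" | awk -F'[-:]' '{
        # Counting from the right: ss, mm, then optional hh and dd.
        s = $NF + 60 * $(NF-1)
        if (NF >= 3) s += 3600 * $(NF-2)
        if (NF == 4) s += 86400 * $1
        print s
    }'
}

# Read "pid etime" lines on stdin and print the PIDs whose age
# lies in the half-open range [min, max) seconds.
pids_by_age() {
    min=$1 max=$2
    while read -r pid etime; do
        [ -n "$pid" ] || continue
        age=$(etime_to_seconds "$etime")
        if [ "$age" -ge "$min" ] && [ "$age" -lt "$max" ]; then
            echo "$pid"
        fi
    done
}

# Constructed sample in the layout of: ps -e -o pid= -o etime=
sample_ps_output() {
cat <<'EOF'
    1 12-03:04:05
  812  1-00:00:10
  950    23:59:59
 1044  1-23:59:59
 2210       00:42
 3301  2-00:00:00
EOF
}

# PIDs running for at least 1 day but less than 2 (sample data).
running_since_yesterday() { sample_ps_output | pids_by_age 86400 172800; }

# Live use on a real system:
#   ps -e -o pid= -o etime= | pids_by_age 86400 172800
```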

It is not clear what exactly you need.
But if you needed it from a specific time, just add it to crontab.
For example:
0 2 * * * ps -eo etime,pid>/tmp/processes.txt
This way you will have a snapshot of the processes running at 2:00.
If you didn't mean that, please be more specific about what exactly you need.

Related

Getting specific PID from CentOS Journalctl

I'm writing a bash script that will print on the screen all the latest logs from a service that has already died (or still lives, both situations must work). I know its name and don't have to guess.
I'm having difficulty getting the latest PID for a process that has already died from journalctl. I'm not talking about this:
journalctl | grep "<processname>"
This will give me all the logs that include processname in their text.
I've also tried:
journalctl | pgrep -f "<processname>"
This command gave me a list of numbers which supposedly should include the pid of my process. It was not there.
These ideas came from searching for previous questions. I haven't found a question that answers specifically what I asked.
How can I extract the latest PID from journalctl for a specific process?
I figured this out.
First, you must be printing your PID in your logs. It doesn't appear there automatically. Then, you can use grep -E and awk to grab exactly the expression you want from your log:
Var=$(journalctl --since "24 hours ago" | grep -E "\[([0-9]+)\]" | tail -n 1 | awk '{print $5}' | awk -F"[][{}]" '{print $2}')
This one-liner script takes the logs from the last 24 hours, grep with -E to use an expression, tail -n 1 to grab the last most updated line from those results and then, using awk to delimit the line and grab the exact expression you need from it.
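A variant that keeps only lines logged by one named identifier before taking the last PID, as an added example that is not the answerer's code. It assumes journalctl's default short output (timestamp, host, then ident[pid]: in the fifth field); the function names and sample log lines are constructed.

```sh
#!/bin/sh
# Print the PID from the most recent line logged by identifier $1.
# Input: journalctl short-format lines on stdin, i.e.
#   Mon DD HH:MM:SS host ident[pid]: message
# Exits non-zero if the identifier never appears with a PID.
latest_pid_for() {
    awk -v want="$1" '
        {
            tag = $5                        # the "ident[pid]:" field
            lb = index(tag, "[")
            if (lb == 0) next               # no PID on this line
            if (substr(tag, 1, lb - 1) != want) next
            pid = substr(tag, lb + 1)
            sub(/\].*$/, "", pid)           # drop "]:" and anything after
            if (pid ~ /^[0-9]+$/) last = pid
        }
        END { if (last != "") print last; else exit 1 }
    '
}

# Constructed sample log lines (not real journal output).
sample_journal() {
cat <<'EOF'
Mar 03 10:00:01 web01 myservice[4321]: starting
Mar 03 10:00:02 web01 sshd[910]: Accepted publickey for deploy [session 77]
Mar 03 10:05:00 web01 myservice[4321]: worker [12] exited
Mar 03 11:30:00 web01 systemd[1]: myservice.service: Scheduled restart job
Mar 03 11:30:01 web01 myservice[5877]: starting
Mar 03 11:30:05 web01 kernel: myservice[5877] segfault at 0
EOF
}

# Live use on a real system:
#   journalctl --since "24 hours ago" | latest_pid_for myservice
```

Bracketed numbers inside the message text and lines from other identifiers are ignored, because the match is made on the identifier field rather than on any [digits] in the line.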

Shell Script to find out the PIDs which are not generating any logs for last 24 hours

I need to write a script for:
select all the PIDs
check which PIDs are not generating any logs for last 24 hours
filter those PIDs and kill them
So please suggest how to write the script
I don't want to give everything away, but only to get you started.
ps aux | tail -n +2 | awk '{print $2}'
will give you all the PIDs (step 1).
Good luck

Hide command execution detection in ps

I have a bash script with contents-
#!/bin/bash
while true;do
netstat -antp | grep LISTEN | tr -s ' ' | cut -d ' ' -f 4 > /tmp/log
sleep 100
done
Say I create a service which executes the script on boot. But when I use ps -eo command I'm able to see the commands being executed. For example:
netstat -antp
grep LISTEN
tr -s ' '
cut -d ' ' -f 4
But I wish to suppress this output and hide the execution of these commands. Is there a way to do it?
Any other suggestions are welcome too. Thanks in advance!
You can't hide running processes from the system, at least not without some kernel hooks. Doing so is something typically only found in malware, so you'll not likely get much help.
There's really no reason to hide those processes from the system. If something in your script gets hung up, you'll want to see those processes to give you an idea of what's happening.
If there's a specific problem the presence of those processes is causing, you need to detail what that is.

change time format for ps time in unix

I am trying to get back the time in the format hh:mm without the seconds,
running this:
ps -p $pid -o time=
gets back (for example) 00:03:19 but I want just (for example) 00:03
I have tried looking at the manual and searched on the net, but couldn't find anything that I can understand. Can someone help me please? Thanks in advance.
ps itself doesn't offer to configure the time format. However, you can pipe to cut:
ps -p $pid -o time= | cut -d: -f1,2

Get pid of last started instance of a certain process

I have several instances of a certain process running and I want to determine the process id of the one that has been started last.
So far I came to this code:
ps -aef | grep myProcess | grep -v grep | awk -F" " '{print $2}' |
while read line; do
echo $line
done
This gets me all process ids of myProcess. Somehow I now need to compare the running times of these pids and find the one with the smallest running time. But I don't know how to do that...
An easier way would be to use pgrep with its -n, --newest switch.
Select only the newest (most recently started) of the matching
processes.
Alternatively, if you don't want to use pgrep, you can use ps and sort by start time:
ps -ef kbsdstart
Use pgrep. It has a -n (newest) option for that. So just try
pgrep -n myProcess
