[SOLVED] At the Unix prompt, how do you pull a variable number of lines (which may include a blank line) from a file matching a pattern?

Issue

My file has multiple messages in it, each with a time stamp. I need to pull out just one message from a file based on its timestamp. Sometimes a message will have a blank line within the contents of the message. I prefer to do this at the unix prompt on an AIX operating system.

My file (er96aa.example) contains the following information. I want to pull out the second message with a time stamp of 15:56:10.097 (it should be a total of 4 lines of data).

07/05/19 15:56:10.091 SOCKETSND MESSAGE LENGTH=338   MESSAGE:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

07/05/19 15:56:10.097 SOCKETSND MESSAGE LENGTH=338   MESSAGE:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

07/05/19 15:56:10.099 SOCKETSND MESSAGE LENGTH=338   MESSAGE:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

I tried

  grep -p '15:56:10.097' er96aa.example 

but that only returns the first two lines.

I tried

  grep -p'07/05/19' '15:56:10.097' er96aa.example

but that returns nothing.

  grep -p'07/05/19'+ '15:56:10.097' er96aa.example   and

  grep -p'07/05/19+' '15:56:10.097' er96aa.example

but that returns the whole file

I modified my file and put 07/05/19 on a separate line and "grep -p'07/05/19' '15:56:10.097' er96aa.example" did work, but unfortunately I don't have the ability to modify the format of the file I am usually working with.

Expected Output:

07/05/19 15:56:10.097 SOCKETSND
MESSAGE LENGTH=338   MESSAGE:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Solution

I don't have access to an AIX box to test this but try:

$ awk '/MESSAGE:/{f=0} /15:56:10.097/{f=1} f' file
07/05/19 15:56:10.097 SOCKETSND MESSAGE LENGTH=338   MESSAGE:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

How it works

By default, awk reads through a file one line at a time. Our script uses a single variable f to determine if the current line should be printed.

• /MESSAGE:/{f=0}

  This sets variable f to false (0) if the regex MESSAGE: appears on the current line.

• /15:56:10.097/{f=1}

  This sets variable f to true (1) is the regex 15:56:10.097 appears on the current line.

• f

  If f is true, print the line.

Answered By - John1024