I am attempting to find the timestamp of a specific event within the BES log. I am having difficulty retrieving the previous N text positions of a line containing “Defining text”. In the text below, I am trying to pull back just the timestamp.
At 03:17:15 -0500 -
Client shutdown (Service manager shutdown request)
Any help would be appreciated.
Also, while I am at it, is there any way to search the BES log of the current date? I can search previous days by using the following example:
if (exists file ((year of it as string & month of it as two digits & day_of_month of it as two digits) of (current date - 1 * day) & “.log” as string) whose (exists (line of it) whose (it contains “RegisterOnce: GetURL failed - General transport failure. - BAD SERVERNAME (winsock error -6)” as string)) of folder “BigFix Enterprise\BES Client__BESData__Global\Logs” of program files x32 folder) then:
(name of it, previous lines of lines whose (it as string contains "Client shutdown") of it) of files whose (exists lines of it) of folder "__BESData\__Global\Logs" of storage folder of client