Returning a specific line of text from a file

system 2008-07-01 21:24:04 UTC #21

(imported comment written by sonny.mcmanigle91)

Clutch!!! Jesse… thanks man

I totally forgot that you can logically group attributes!

system 2008-08-29 00:08:47 UTC #22

jessewk

I can think of 2 ways right off the bat… chose the line with the highest line number, or parse out the time stamps and choose the maximum. The relevance for the time stamp version will be a little more straightforward. If you post an example line I can give you an exact relevance query, but in pseudo code it would look like this:

maximum of ({relevance to extract time stamp string} as time) of lines whose (it contains “Update Finsihed”)…

Here’s the line from the log file, for example:

8/28/2008 9:01:52 AM NT AUTHORITY\SYSTEM Update Finished

system 2011-05-26 22:16:46 UTC #23

(imported comment written by SystemAdmin)

How can I append a path to the question

pathname of system x32 folder

I get “C:\Windows\system32” but I need to have it read

pathname of system x32 folder"\drivers\etc"

Here is the clause I’m trying to get to work:

exists file “hosts” whose (exists line whose (it contains “tivdmb”) of it) of folder (pathname of system x32 folder)"\drivers\etc"

Thanks!

system 2011-05-26 23:11:12 UTC #24

(imported comment written by SystemAdmin)

@Mooney - Your question really doesn’t pertain to this 3-year-old thread. I’d recommend starting a new thread.

However, that being said, the following appears to work fine for me:

exists file (pathname of system x32 folder & “\drivers\etc\hosts”) whose (exists line whose (it contains “tivdmb”) of it)

You need to use a “&” to concatenate threads.

schmmich 2015-06-19 21:04:46 UTC #25

Following up on this I have the following exists file “C:\Windows\CCM\Inventory\noidmifs\DeptNoID.MIF” whose (exists (line of it) whose (it contains “8083”)) which appears to work just fine, however the second I try to specify an actual line # as so exists file “C:\Windows\CCM\Inventory\noidmifs\DeptNoID.MIF” whose (exists (line of 17) whose (it contains “8083”)) I’m receiving “The operator “line” isn’t defined” Am I just missing something here?

Aram 2015-06-19 21:37:19 UTC #26

I haven’t tested this, but how about:

exists file “C:\Windows\CCM\Inventory\noidmifs\DeptNoID.MIF” whose (line 17 of it contains “8083”)

or without hardcoding the Windows path:

exists file “deptnoid.mif” whose (line 17 of it contains “8083”) of folders “CCM\Inventory\noidmifs” of windows folder

gearoid 2015-06-22 10:45:17 UTC #27

you’ve a typo in this bit. The error says line is not an operator of the number 17.

So use:

(line 17 of it)

Some more on relevance errors here.

schmmich 2015-06-22 13:39:28 UTC #28

Awesome, thanks. End of a long Friday afternoon, greatly appreciated!

shahed.janjua 2017-08-11 14:49:39 UTC #29

I am using the following script to fetch the last patch time of linux servers

if (name of operating system as lowercase contains "linux") then (line (number of lines of it) of file "/var/log/yum.log" ) else "no"

The output is something like
Aug 11 12:59:53 Updated: rpcbind-0.2.0-42.el7.x86_64

How do I trim the string to only get the date. Any reply would be highly appreciated.

JasonWalker 2017-08-16 00:19:43 UTC #30

I think you’re very unlikely to have people scroll all the way down a ten-year-old thread to find your reply. I’d suggest you start a new thread for this.

jmcbride 2017-08-18 14:28:02 UTC #31

plural “firsts” thanks.
Q: (following texts of firsts " – " of lines of it) of files whose (name of it contains “SAN-boot-review.txt”) of folder "/tmp"
A: hdisk0 Available 32-T1-01 MPIO 2810 XIV Disk – rootvg
A: hdisk4 Available 32-T1-01 MPIO 2810 XIV Disk – altinst_rootvg

kazu 2023-02-27 16:40:16 UTC #32

Hi, I understand this is quite an old thread, but was wondering if anyone could still help.

Regarding returning lines of a file that contain a string. Please, what if I wanted to return the actual line number of the line that contains the string in the file?

Aram 2023-02-27 16:53:03 UTC #33

You could use the line number of <file> inspector (https://developer.bigfix.com/relevance/reference/file-line.html#line-number-of-file-line-integer) to do this. Here’s an example:

Q: line number of line whose (it as string as lowercase starts with “X-Fixlet-Site-Gather-URL” as lowercase) of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\ActionSite.afxm"
A: 18
T: 26.850 ms
I: singular integer

kazu 2023-03-22 09:51:20 UTC #34

Many thanks Aram. That does the job!