I’m trying to write a script used on a buffer box that does full packet capture of network traffic. As it’s for a fairly big network we split the captures into 100MB segments. At times of high network traffic oftentimes over a one minute period we will have multiple pcaps which cover that period.
So what I want to do is have a bash script that lets the analyst who is searching for something specify a date and time and how many minutes either side of it they want to search for files. Obviously I can do something like this –
ls -al | grep "Dec 1" | grep 02:00 ls -al | grep "Dec 1" | grep 02:01
and so on, get each result and grep each file individually for the specific keyword I’m looking for, but I’d like to be able to do a wider search for all files created within a time range and then grep each of them for the keyword.
I’m not entirely sure how to do that, any help would be appreciated.
Advertisement
Answer
find . -maxdepth 1 -newermt "2013-10-28 00:00:00" ! -newermt "2013-10-29 00:00:00"