williballenthin/awk-bodyfile-to-metadatablock-filter.md

## awk-bodyfile-to-metadatablock-filter.md

      
    Raw
  

              awk-bodyfile-to-metadatablock-filter.md
            
          
    Formatted:

awk -F '|' '
BEGIN{
  # the '|'-delimited fields that contain BMC timestamps
  fields[0]=11; 
  fields[1]=9; 
  fields[2]=10;
}

{
  # print path
  printf $2 ", "; 
  for (v in fields) {
    # UTC and ISO8601 format the UNIX timestamp
    cmd="date --iso-8601=seconds -d @" $fields[v]; cmd | getline result; 
    
    # strip TZ offset (personal preference)
    printf substr(result, 0, 19) ", ";
  };
  printf "\n";
}'

One line

awk -F '|' 'BEGIN{fields[0]=11; fields[1]=9; fields[2]=10;}{printf $2 ", "; for (v in fields){cmd="date --iso-8601=seconds -d @" $fields[v]; cmd | getline result; printf substr(result, 0, 19) ", ";}; printf "\n"}'

Input

0|C:\Temp\psexec.exe|65410|0|24594|0|0|1263819232|1263833997|1263833997|1263805835

Output:

C:\Temp\psexec.exe, 2010-01-18T04:10:35, 2010-01-18T11:59:57, 2010-01-18T11:59:57,