I was wondering if it was possible to delete only a portion of the system log files on the Mac OSX El Capitan based on a time period? Say I want to delete all activities that occurred between 9am – 10am. Is that possible to do via Terminal?
Thanks.
Answer
The files in /var/log/ are owned by root so you’ll have to be able to use sudo from Terminal, i.e., be a local admin.
Once you have that, you can use the sed command to perform the actual task with something like this
sudo sed -i -e s/^.*09:[00-59]:[00-59].*$//g /var/log/someLogFile.log
To further explain:
sudoto give you write access to files owned by root-iEdits the file in-place-eTells sed you’ll be using a regex command following this options/^.*09:[00-59]:[00-59].*$//ginitiates the sed substitution command for any line logged for all of 09:00:00 to 09:59:59 with nothing (2 consecutive slashes), for all lines (/g)
Attribution
Source : Link , Question Author : Candy , Answer Author : SaxDaddy
