I was trying to join multiple lines generated in /var/log/secure. I tried with transaction but looks like that doesn't work in this case. Below is the example of secure file.  In this case, I want to combine all these lines based on a common text "sshd[288792]". Your help on this would be really appreciated. I cannot search with same keyword as id in this sshd "288792" will be different for each sessions.  Jan 25 18:34:06 SERVER1 sshd[288792]: Connection from xxx.xxxx.xxx.xxx port xxxx on xxx.xxx.xxx.xxx port xx Jan 25 18:34:10 SERVER1 sshd[288792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid= Jan 25 18:34:10 SERVER1 sshd[288792]: pam_sss(sshd:auth): User info message: Your password will expire Jan 25 18:34:10 SERVER1 sshd[288792]: pam_sss(sshd:auth):  success; logname= uid=0 euid=0 Jan 25 18:34:10 SERVER1 sshd[288792]: Accepted  for xxxx from xxx.xxx.xxx.xxx port xxxxx xxx Jan 25 18:34:10 SERVER1 sshd[288792]: pam_unix(sshd:session): session opened for user xxxxx by (uid=0) Jan 25 18:34:10 SERVER1 sshd[288792]: User child is on pid 289788     ... View more