【问题标题】:grep logs between two dates and contain specific string in linux两个日期之间的 grep 日志并包含 linux 中的特定字符串
【发布时间】:2022-10-14 05:34:04
【问题描述】:

我有这样的日志文件

Oct 13 17:39:25 AriaDezh filterlog: 1054<1>,82,,,0,lo0,match,pass,in,4,0x0,,64,0,0,DF,6,tcp,60,127.0.0.1,127.0.0.1,50191,14382,0,S,1420028472,,65228,,mss;nop;wscale;sackOK;TS 

Oct 13 17:39:25 AriaDezh filterlog: 1055<1>,83,,,0,lo0,match,pass,out,4,0x0,,64,0,0,DF,6,tcp,60,127.0.0.1,127.0.0.1,50191,14382,0,S,1420028472,,65228,,mss;nop;wscale;sackOK;TS

现在我想获取介于两者之间的日志两个日期

我还需要过滤包含特定的日志细绳

grep -F 'special string' 

我怎样才能做到这一点 ?

【问题讨论】:

  • 如果您提供更多输入会有所帮助;特别是...记录具有不同日期/时间戳的条目,有些在您要查找的范围内,有些在您要查找的范围之外;那么我们需要一个您正在寻找的two dates 的示例(另外,您知道这两个日期会在文件中找到完全匹配的事实,还是我们需要执行日期/时间比较?);您正在寻找的string 的样本;最后是预期输出(对应于样本输入);您尝试过哪些其他代码来尝试匹配日期/时间戳?

标签: linux bash grep


【解决方案1】:

rquery(https://github.com/fuyuncat/rquery/releases) 是搜索日志的完美工具。 您可以像 SQL 查询一样使用rq。 在您的情况下,字段可以按空格分隔,然后将前 3 个字段构造为完整日期。

[ rquery]$ cat samples/logdates.txt
Oct 13 17:35:25 AriaDezh filterlog: 1054<1>,82,,,0,lo0,special string,pass,in,4,0x0,,64,0,0,DF,6,tcp,60,127.0.0.1,127.0.0.1,50191,14382,0,S,1420028472,,65228,,mss;nop;wscale;sackOK;TS
Oct 13 17:36:25 AriaDezh filterlog: 1055<1>,83,,,0,lo0,match,pass,out,4,0x0,,64,0,0,DF,6,tcp,60,127.0.0.1,127.0.0.1,50191,14382,0,S,1420028472,,65228,,mss;nop;wscale;sackOK;TS
Oct 13 17:37:25 AriaDezh filterlog: 1055<1>,83,,,0,lo0,special string,pass,out,4,0x0,,64,0,0,DF,6,tcp,60,127.0.0.1,127.0.0.1,50191,14382,0,S,1420028472,,65228,,mss;nop;wscale;sackOK;TS
Oct 13 17:38:25 AriaDezh filterlog: 1055<1>,83,,,0,lo0,match,pass,out,4,0x0,,64,0,0,DF,6,tcp,60,127.0.0.1,127.0.0.1,50191,14382,0,S,1420028472,,65228,,mss;nop;wscale;sackOK;TS
Oct 13 17:39:25 AriaDezh filterlog: 1055<1>,83,,,0,lo0,special string,pass,out,4,0x0,,64,0,0,DF,6,tcp,60,127.0.0.1,127.0.0.1,50191,14382,0,S,1420028472,,65228,,mss;nop;wscale;sackOK;TS
[ rquery]$ ./rq -q "p d/ / | s @raw | f @1+' '+@2+' 2022 '+@3>='Oct 13 2022 17:36:25' and @1+' '+@2+' 2022 '+@3<='Oct 13 2022 17:38:25' and @raw like '*special string*'" samples/logdates.txt -m error
Oct 13 17:37:25 AriaDezh filterlog: 1055<1>,83,,,0,lo0,special string,pass,out,4,0x0,,64,0,0,DF,6,tcp,60,127.0.0.1,127.0.0.1,50191,14382,0,S,1420028472,,65228,,mss;nop;wscale;sackOK;TS

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2012-11-10
    • 1970-01-01
    • 1970-01-01
    • 2016-10-30
    • 2013-11-09
    • 2013-02-05
    • 2017-01-29
    • 1970-01-01
    相关资源
    最近更新 更多