我有tomcat访问日志,如下所示:
247.134.70.3 - - [07/May/2012:17:53:58 +0000] 93 "POST /maker/www/jsp/pulse/Service.ajax HTTP/1.1" 200 2 - "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)"
247.134.70.3 - - [07/May/2012:17:53:58 +0000] 140 "POST /maker/www/jsp/pulse/Service.ajax HTTP/1.1" 200 2 - "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)"
...
...
日期时间戳之后的数字表示服务器端处理时间ms。我需要特定请求的最大和平均时间,例如“POST /maker/www/jsp/pulse/Service.ajax”十分钟。这可能是使用sed,awk还是我需要更多逻辑的东西,例如蟒?
感谢。
答案 0 :(得分:2)
awk -F '[ "]' '{requests[$8 $9] += $6; count[$8 $9]++; if ($6 > max[$8 $9]) {max[$8 $9] = $6}} END {for (request in requests) {print requests[request], count[request], requests[request] / count[request], max[request], request}}' inputfile
分开划分:
awk -F '[ "]' '{
requests[$8 $9] += $6;
count[$8 $9]++;
if ($6 > max[$8 $9]) {
max[$8 $9] = $6
}
}
END {
for (request in requests) {
print requests[request], count[request], requests[request] / count[request], max[request], request
}
}' inputfile
答案 1 :(得分:1)
awk -F '[][ ]' -v start="07/May/2012:17:50:00" -v stop="07/May/2012:18:00:00" '
start <= $5 && $5 < stop {
split($0, arr, /"/)
req = arr[2]
count[req] += 1
total[req] += $8
if ($8 > max[req]) max[req] = $8
}
END {
for (req in count) {
print req
print " num entries: " count[req]
print " avg time: " total[req]/count[req]
print " max time: " max[req]
}
}
' logfile
鉴于你的小样本,这输出:
POST /maker/www/jsp/pulse/Service.ajax HTTP/1.1
num entries: 2
avg time: 116.5
max time: 140