我想解析服务器访问日志以查找4xx和5xx错误计数。但未能在两个时间戳之间获取数据。某处错误的逻辑。
时间戳格式日期/月/年/小时/分钟/秒:27/8月/ 2013:12:45:54
if time >= start_timestamp and time <= end_timestamp :
if check_point_flag == 0 :
start_time = request['request'].split(" ")[0].split('[')[1]
check_point_flag=1
total_patient_count, total_encounter_count = self.get_count_information( access_token, request , resource_name, total_patient_count, total_encounter_count)
count_patient_5xx ,count_encounter_5xx = self.get_count_information(access_token,request,resource_name,count_patient_5xx,count_encounter_5xx, '500', '600')
count_patient_4xx ,count_encounter_4xx = self.get_count_information(access_token,request, resource_name,count_patient_4xx,count_encounter_4xx, '400', '500')
count_patient_2xx ,count_encounter_2xx = self.get_count_information(access_token,request, resource_name,count_patient_2xx,count_encounter_2xx, '200', '300')
end_time = request['request'].split(" ")[0].split('[')[1]
更改为groupdict()
后,这是一些日志{'status': '404', 'protocol': 'HTTP/1.0', 'request_time': '0.000', 'mongo_exec_time': '-', 'url': '/ready', 'request': '[19/Aug/2013:16:31:20 -0400]', 'hostname': 'xxxxxx', 'bytes_sent': '168', 'audit_response_time': '-', 'application': '-', 'user_agent': '-', 'upstream_response_time': '-', 'queries_count': '-', 'clientip': '12.255.25.13', 'hma_exec_time': '-', 'method': 'GET', 'user': '-'}
{'status': '404', 'protocol': 'HTTP/1.0', 'request_time': '0.000', 'mongo_exec_time': '-', 'url': '/ready', 'request': '[19/Aug/2013:16:31:22 -0400]', 'hostname': ''xxxxxx', 'bytes_sent': '168', 'audit_response_time': '-', 'application': '-', 'user_agent': '-', 'upstream_response_time': '-', 'queries_count': '-', 'clientip': '13.255.25.13', 'hma_exec_time': '-', 'method': 'GET', 'user': '-'}
{'status': '404', 'protocol': 'HTTP/1.0', 'request_time': '0.000', 'mongo_exec_time': '-', 'url': '/ready', 'request': '[19/Aug/2013:16:31:52 -0400]', 'hostname': ''xxxxxx', 'bytes_sent': '168', 'audit_response_time': '-', 'application': '-', 'user_agent': '-', 'upstream_response_time': '-', 'queries_count': '-', 'clientip': '13.255.25.13', 'hma_exec_time': '-', 'method': 'GET', 'user': '-'}
{'status': '404', 'protocol': 'HTTP/1.0', 'request_time': '0.000', 'mongo_exec_time': '-', 'url': '/ready', 'request': '[19/Aug/2013:16:31:54 -0400]', 'hostname': ''xxxxxx', 'bytes_sent': '168', 'audit_response_time': '-', 'application': '-', 'user_agent': '-', 'upstream_response_time': '-', 'queries_count': '-', 'clientip': '13.255.25.13', 'hma_exec_time': '-', 'method': 'GET', 'user': '-'}
{'status': '200', 'protocol': 'HTTP/1.1', 'request_time': '0.000', 'mongo_exec_time': '-', 'url': '//nginx_stub_status', 'request': '[19/Aug/2013:16:31:55 -0400]', 'hostname': ''xxxxxx', 'bytes_sent': '109', 'audit_response_time': '-', 'application': '-', 'user_agent': 'python-requests/1.2.3 CPython/2.6.6 Linux/2.6.32-358.14.1.el6.x86_64', 'upstream_response_time': '-', 'queries_count': '-', 'clientip': '127.0.0.1', 'hma_exec_time': '-', 'method': 'GET', 'user': '-'}
请帮助找到解析两个时间戳之间文件的逻辑
答案 0 :(得分:1)
如果我正确理解您的问题,您正试图找到一种根据时间戳过滤日志消息的方法。您可以使用the datetime module:
import datetime
time = datetime.datetime.strptime('27/Aug/2013:12:45:54', '%d/%b/%Y:%H:%M:%S')
start_timestamp = datetime.datetime.strptime('20/Aug/2013:12:45:54', '%d/%b/%Y:%H:%M:%S')
end_timestamp = datetime.datetime.strptime('30/Aug/2013:12:45:54', '%d/%b/%Y:%H:%M:%S')
if time >= start_timestamp and time <= end_timestamp: print 'it worked'