监视应用程序日志并提取错误计数

Question

我是Unix命令的新手，想知道下面做的脚本。

1. 需要阅读应用程序日志并在最后半小时内提取所有错误。
2. 获取每个错误的唯一计数。
3. 将错误计数邮寄给团队。

采取的步骤： 我已经使用grep读取了关键字错误并写入单独文件的文件。 给予文件许可。

感谢您的帮助。

代码段：

#!/bin/sh
cd Service/apache-tomcat-7.0.33/logs
for file in catalina.out; do
grep "ERROR" $file >error.txt
done
chmod 0777 error.txt

示例日志

2014-09-03 16:45:36,814 ERROR xxxService: Could not find tool with id 365 intable:
2014-09-03 16:45:56,444 ERROR yyyService: summary counts not returned from accessor for xxxx, 1, mapParams
2014-09-03 16:45:56,444 ERROR yyyService: summary counts not returned from accessor for xxxx, 2, mapParams 
2014-09-03 16:45:56,445 ERROR yyyService: summary counts not returned from accessor for xxxx, 3, mapParams
2014-09-03 16:45:56,445 ERROR yyyService: summary counts not returned from accessor for xxxx, 4, mapParams
2014-09-03 16:45:56,445 ERROR yyyService: summary counts not returned from accessor for xxxx, 5, mapParams
2014-09-03 16:46:00,077 ERROR yyyService: summary counts not returned from accessor for xxxx, 1, mapParams
2014-09-03 16:46:00,078 ERROR yyyService: summary counts not returned from accessor for xxxx, 2, mapParams
2014-09-03 16:46:00,078 ERROR yyyService: summary counts not returned from accessor for xxxx, 3, mapParams
2014-09-03 16:46:00,078 ERROR yyyService: summary counts not returned from accessor for xxxx, 4, mapParams
2014-09-03 16:46:00,079 ERROR yyyService: summary counts not returned from accessor for xxxx, 5, mapParams
2014-09-03 16:46:05,415 ERROR yyyService: summary counts not returned from accessor for xxxx, 1, mapParams
2014-09-03 16:46:05,416 ERROR yyyService: summary counts not returned from accessor for xxxx, 2, mapParams
2014-09-03 16:46:05,416 ERROR yyyService: summary counts not returned from accessor for xxxx, 3, mapParams
2014-09-03 16:46:05,416 ERROR yyyService: summary counts not returned from accessor for xxxx, 4, mapParams
2014-09-03 16:46:05,417 ERROR yyyService: summary counts not returned from accessor for xxxx, 5, mapParams
2014-09-03 16:46:59,881 ERROR yyyService: summary counts not returned from accessor for xxxx, 5, mapParams
2014-09-03 16:47:03,109 ERROR ErrorManager: 1409780823108: A General Exception Occurred
    null
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)

Error Message   Count
ERROR xxxService: Could not find tool with id 365 intable:  1
ERROR yyyService: summary counts not returned from accessor for xxxx, 1, mapParams  3
ERROR yyyService: summary counts not returned from accessor for xxxx, 2, mapParams  3
ERROR yyyService: summary counts not returned from accessor for xxxx, 3, mapParams  3
ERROR yyyService: summary counts not returned from accessor for xxxx, 4, mapParams  3
ERROR yyyService: summary counts not returned from accessor for xxxx, 5, mapParams  4
ERROR ErrorManager: 1409780823108: A General Exception Occurred 1

Answer 1

我无法写出完整的剧本，因为我并不完全清楚你想要什么，但这是一个策略。

1. grep文件中的字符串＆＃39; ERROR＆＃39; （看起来你已经这样做过了。）
2. 使用＆＃39; cut -d＆＃39; ＆＃39; -f4提取第四个空格分隔字段（yyyService）。
3. 将输出换成sort，然后使用uniq -c来获取计数。
4. 将结果传递给＆＃39; mail＆＃39;

所以，你最终会得到这样的东西：

grep ERROR /shipmentService/apache-tomcat-7.0.33/logs/catalina.out | cut -d ' ' -f4 | sort | uniq -c | mail -s "This is the subject" mail@example.com