Regular expression for parsing Apache error log files

Time: 2014-10-30 10:59:11

Tags: regex apache logging

I need to use a regular expression in a Java program to parse an Apache error file, for example:

[Thu Sep 27 12:08:18 2012] [error] [client 151.10.158.10] File does not exist: /srv/www/htdocs/pad/favicon.ico
[Thu Oct 04 17:02:42 2012] [error] [client 151.10.1.10] File does not exist: > /srv/www/htdocs/pad/favicon.ico
[Wed Oct 17 10:16:40 2012] [error] [client 151.10.14.60] File does not exist: /srv/www/htdocs/pad/sites/all/modules/fckeditor/fckeditor/editor/userfiles, referer: http://pad.sta.uniroma1.it/sites/all/modules/fckeditor/fckeditor/editor/fckeditor.html?InstanceName=edit-body&Toolbar=DrupalFull

I have tried several solutions (some of them already reported on stackoverflow), and the one that seems to work best is:

^(\[[\w:\s]+\]) (\[[\w]+\]) (\[[\w\d.\s]+\])?([\w\s/.(")-]+[\-:]) ([\w/\s]+)$

However, it seems unable to match strings such as:

[Thu May 17 22:41:54 2012] [error] [client 118.238.211.206] Invalid URI in request GET :81/phpmyadmin/scripts/setup.php HTTP/1.1

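How can I solve this?

EDIT: I checked all the proposed solutions; although they improve the number of matched lines, they still fail to handle the following cases: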

[Fri Jul 15 00:24:41 2011] [error] [client 219.12.35.141] script '/srv/www/htdocs/pad2/scripts/setup.php' not found or unable to stat
[Mon May 28 18:43:25 2012] [error] [client 88.110.28.25] Invalid URI in request GET HTTP/1.1 HTTP/1.1

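Please also note that I can receive all the data after the square brackets in a single group, including the client keyword.

5 answers:

Answer 0: (score: 0)

The following regular expression will match all of the error formats above.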

^(\[[\w:\s]+\]) (\[[\w]+\]) (\[[\w\d.\s]+\])?([\w\s\/.(")-]+[\-:])\s*>?\s*([\w\/\s.]+)(?:\s*,(\s*\w+:)\s*([\w\/.=?:&-]+))?$

DEMO

Answer 1: (score: 0)

There is no space after the colon in “GET:81”.

This one works:

^(\[[\w:\s]+\]) (\[[\w]+\]) (\[[\w\d.\s]+\])?([\w\s\/.(")-]+[\-:])\s?([\w\/\s.]+)

Example: http://regex101.com/r/xO1wG2/2

Answer 2: (score: 0)

The last part of the regular expression seems wrong. This simplified regex should work:

^(\[[\w:\s]+\]) (\[[\w]+\]) (\[[\w\d.\s]+\]) ([\s\w/.(")-]+[-:])(.+)$

RegEx Demo

Answer 3: (score: 0)

$a  = "[Thu May 17 22:41:54 2012] [error] [client 118.238.211.206] Invalid URI in request GET :81/phpmyadmin/scripts/setup.php HTTP/1.1\n";
$a .= "[Thu May 17 22:41:54 2012] [error] [client 118.238.211.206] Invalid URI in request GET :81/phpmyadmin/scripts/setup.php HTTP/1.1\n";
$a .= "[Thu May 17 22:41:54 2012] [error] [client 118.238.211.206] Invalid URI in request GET :81/phpmyadmin/scripts/setup.php HTTP/1.1\n";
preg_match_all("/(\[.*\])\s+(\[.*\])\s+(\[.*\])\s+([a-zA-Z0-9\s]+:)\s*(.*)/", $a, $m);
var_dump($m);

Try this... (output)

array (size=6)
  0 => 
    array (size=3)
      0 => string '[Thu May 17 22:41:54 2012] [error] [client 118.238.211.206] Invalid URI in request GET :81/phpmyadmin/scripts/setup.php HTTP/1.1' (length=128)
      1 => string '[Thu May 17 22:41:54 2012] [error] [client 118.238.211.206] Invalid URI in request GET :81/phpmyadmin/scripts/setup.php HTTP/1.1' (length=128)
      2 => string '[Thu May 17 22:41:54 2012] [error] [client 118.238.211.206] Invalid URI in request GET : 81/phpmyadmin/scripts/setup.php HTTP/1.1' (length=129)
  1 => 
    array (size=3)
      0 => string '[Thu May 17 22:41:54 2012]' (length=26)
      1 => string '[Thu May 17 22:41:54 2012]' (length=26)
      2 => string '[Thu May 17 22:41:54 2012]' (length=26)
  2 => 
    array (size=3)
      0 => string '[error]' (length=7)
      1 => string '[error]' (length=7)
      2 => string '[error]' (length=7)
  3 => 
    array (size=3)
      0 => string '[client 118.238.211.206]' (length=24)
      1 => string '[client 118.238.211.206]' (length=24)
      2 => string '[client 118.238.211.206]' (length=24)
  4 => 
    array (size=3)
      0 => string 'Invalid URI in request GET :' (length=28)
      1 => string 'Invalid URI in request GET :' (length=28)
      2 => string 'Invalid URI in request GET :' (length=28)
  5 => 
    array (size=3)
      0 => string '81/phpmyadmin/scripts/setup.php HTTP/1.1' (length=40)
      1 => string '81/phpmyadmin/scripts/setup.php HTTP/1.1' (length=40)
      2 => string '81/phpmyadmin/scripts/setup.php HTTP/1.1' (length=40)

Answer 4: (score: 0)

  

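Receive the information encoded in the first three [...] groups.

Treat [...] as the longest string that starts with [ and ends with ], with no other ] symbol inside - \[[^\]]+\]

Capture the rest of the line as .* - it matches from the current position to the end of the line.

So your complete solution looks like this: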

^(\[[^\]]+\]) (\[[^\]]+\]) (\[[^\]]+\]) (.*)$

RegEx demo
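
An added Java example, not code from the question or from any of the answers: it uses the `\[[^\]]+\]` bracket pattern from the last answer in the Java program the question asks for, and goes a little further by making the `[client ...]` field optional and splitting off a trailing `, referer: ...`. The class name `ApacheErrorLogParser`, the `Entry` record and the last two sample lines are assumptions made for illustration.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class ApacheErrorLogParser {
    // Bracketed fields use [^\]]+ as in the last answer. Added here (assumptions):
    // the [client ...] field is optional, and a trailing ", referer: ..." is split off.
    private static final Pattern LINE = Pattern.compile(
        "^\\[([^\\]]+)\\] \\[([^\\]]+)\\] (?:\\[client ([^\\]]+)\\] )?(.*?)(?:, referer: (\\S+))?$");

    // Hypothetical holder type; client and referer are null when absent. Needs Java 16+.
    record Entry(String time, String level, String client, String message, String referer) {}

    // Returns null for a line that is not in this bracketed format.
    static Entry parse(String line) {
        Matcher m = LINE.matcher(line);
        if (!m.matches()) {
            return null;
        }
        return new Entry(m.group(1), m.group(2), m.group(3), m.group(4), m.group(5));
    }

    public static void main(String[] args) {
        String[] lines = {
            // Lines from the question.
            "[Thu Sep 27 12:08:18 2012] [error] [client 151.10.158.10] File does not exist: /srv/www/htdocs/pad/favicon.ico",
            "[Thu May 17 22:41:54 2012] [error] [client 118.238.211.206] Invalid URI in request GET :81/phpmyadmin/scripts/setup.php HTTP/1.1",
            "[Fri Jul 15 00:24:41 2011] [error] [client 219.12.35.141] script '/srv/www/htdocs/pad2/scripts/setup.php' not found or unable to stat",
            "[Wed Oct 17 10:16:40 2012] [error] [client 151.10.14.60] File does not exist: /srv/www/htdocs/pad/sites/all/modules/fckeditor/fckeditor/editor/userfiles, referer: http://pad.sta.uniroma1.it/sites/all/modules/fckeditor/fckeditor/editor/fckeditor.html?InstanceName=edit-body&Toolbar=DrupalFull",
            // Constructed lines: one without a client field, one that is not a log line.
            "[Mon Oct 01 09:00:00 2012] [notice] caught SIGTERM, shutting down",
            "not a log line"
        };
        int unparsed = 0;
        for (String line : lines) {
            Entry e = parse(line);
            if (e == null) {
                unparsed++;   // count rejects instead of silently dropping them
                continue;
            }
            // message and referer can carry client-supplied text: treat them as untrusted data.
            System.out.printf("%s | %s | client=%s | msg=%s | referer=%s%n",
                e.time(), e.level(), e.client(), e.message(), e.referer());
        }
        System.out.println("unparsed lines: " + unparsed);
    }
}
```

Because the message group is lazy and the pattern is anchored with `matches()`, the referer is only split off when `, referer: ` is followed by a single whitespace-free token at the end of the line; a comma elsewhere in the message stays in the message.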