通过powershell解析电话号码和BYE的日志

时间:2015-08-13 18:58:23

标签: parsing powershell logging

我需要解析日志文件(即.txt)中的电话号码。

我需要找到电话号码以及时间戳和日期,然后查找该电话号码的相应终止请求(即呼叫者挂机时)。所有进入系统的调用都与DNAME相关,并以TERMINATED结束。

我已经使用了select-string命令,但我无法有效地过滤数据

数据如下:

13/08/2015 08:57:46:849 | L:4831.1[Line:10003<<XXXXXXXXXX]: Updated OutCID:'Conference_Call' and DNName: 'CALLER '

13/08/2015 09:00:42:118 | Leg L:4839.1[Line:10003<<XXXXXXXXXX] is terminated: Cause: BYE from 66.23.190.100:5060

为了安全起见,所有电话号码都已被XXXXXXXX取代。

有没有人知道有更强大的命令来执行此操作?

更多数据

13/08/2015 08:55:27:554 | Session 1230943 of leg L:4820.1[Line:10003<<180012334545] is confirmed 13/08/2015 08:55:49:766 | Answer to offerer immediateily, other party (L:4820.1[Line:10003<<180012334545]) doesn't support re-invite 13/08/2015 08:55:49:972 | L:4820.1[Line:10003<<18001234545]: Updated OutCID: 'Conference_Call' and DNName: 'Joe Brown ' 13/08/2015 08:55:49:972 | L:4820.1[Line:10003<<180012334545]: Target refresh is not possible: Line:10003<<18001334545 doesn't support re-INVITE 13/08/2015 08:55:49:972 | [CM503010]: Call(C:4820): Making route(s) from Line:10003<<18001334545 to <sip:811@127.0.0.1:5060> 13/08/2015 08:55:49:972 | [Flow] Call(C:4820): has built target endpoint: Ivr:811 for call from L:4820.1[Line:10003<<191944345740] 13/08/2015 08:55:49:972 | [CM503004]: Call(C:4820): Route 1: from L:4820.1[Line:10003<<18001233545] to T:Ivr:811@[Dev:sip:811@127.0.0.1:40600;rinstance=19fdaa2fa620113c] 13/08/2015 08:55:49:972 | [CM503027]: Call(C:4820): From: Line:10003<<18001334545 ("Glen Peaks " <sip:180012334545@98.100.70.194:5060>) to T:Ivr:811@[Dev:sip:811@127.0.0.1:40600;rinstance=19fdaa2fa620113c] 13/08/2015 08:55:49:972 | [Flow] Call(C:4820): making call from L:4820.1[Line:10003<<18001233545] to T:Ivr:811@[Dev:sip:811@127.0.0.1:40600;rinstance=19fdaa2fa620113c] 13/08/2015 08:55:50:027 | [CM503025]: Call(C:4820): Calling T:Ivr:811@[Dev:sip:811@127.0.0.1:40600;rinstance=19fdaa2fa620113c] for L:4820.1[Line:10003<<180012334545] 13/08/2015 08:55:50:181 | L:4820.3[Ivr:811] has joined to L:4820.1[Line:10003<<18001234545] 13/08/2015 08:55:50:181 | L:4820.1[Line:10003<<19914345740]: Terminating targets, reason: SIP ;cause=200 ;text="Call completed elsewhere"

1 个答案:

答案 0 :(得分:0)

您的问题不够明确,但关于TimeStamp和电话号码,您可以使用:

$Array = @()
$text = cat C:\Test.txt
$TimeStamp = "\d{2}\D\d{2}\D\d{4}\s\d{2}\D\d{2}\D\d{2}\D\d{3}"
$Number = "\d{10}"
foreach ($Line in $text)
{
$Result = "" | Select TimeStamp,Number
$Result.TimeStamp = $Line | select-string -Pattern $TimeStamp -AllMatches | % { $_.Matches } | % { $_.Value } 
$result.Number = $Line | select-string -Pattern $Number -AllMatches | % { $_.Matches } | % { $_.Value } 
$Array += $Result
}

请提供更多关于CALLER,Terminated等的信息,以便我帮助您找到正确的Regex

相关问题
最新问题