我有access.log文件,其中包含超过1000个X-Forwarded-For日志条目,如下所示
142.245.59.16, 67.69.175.224, 69.31.97.126 - - [22/Sep/2015:20:00:02 -0400] "GET /company-information/cs/null?path=%
157.55.39.76, 184.27.179.176, 165.254.1.175 - - [22/Sep/2015:20:00:05 -0400] "GET /metricstream/--ID__100325--/free-co-profile.xhtml
10.70.33.32 - - [22/Sep/2015:20:00:22 -0400] "GET /autodiscover/autodiscover.xml
172.30.152.90, 198.178.234.30, 184.27.120.46, 69.31.97.126 - - [22/Sep/2015:20:03:37 -0400] "GET /company-information/cs/null?path
使用此日志条目,我必须grep并将它们解压缩到access_log.txt文件,如下面的输出
142.245.59.16 - - [22/Sep/2015:20:00:02 -0400] "GET /company-information/cs/null?path=%
157.55.39.76 - - [22/Sep/2015:20:00:05 -0400] "GET /metricstream/--ID__100325--/free-co-profile.xhtml
10.70.33.32 - - [22/Sep/2015:20:00:22 -0400] "GET /autodiscover/autodiscover.xml
172.30.152.90 - - [22/Sep/2015:20:03:37 -0400] "GET /company-information/, csnull ?path
这是留下第一个ip,并删除以下两个或更多的ips,我也厌倦了REGEX:/\, .*?\ -/g但我不知道如何在unix sed命令中应用它。请使用Unix命令
答案 0 :(得分:1)
您可以使用此sed命令:
sed 's/, [^-]*- -/ - -/' file.log
142.245.59.16 - - [22/Sep/2015:20:00:02 -0400] "GET /company-information/cs/null?path=%
157.55.39.76 - - [22/Sep/2015:20:00:05 -0400] "GET /metricstream/--ID__100325--/free-co-profile.xhtml
10.70.33.32 - - [22/Sep/2015:20:00:22 -0400] "GET /autodiscover/autodiscover.xml
172.30.152.90 - - [22/Sep/2015:20:03:37 -0400] "GET /company-information/cs/null?path
答案 1 :(得分:0)
那样: sed' s / \,。* - / - / g' ./access.log