在保留格式的同时按时间顺序排序文本块

时间:2016-01-01 20:49:38

标签: linux bash

我正在开发一个BASH脚本,用于提取电子邮件日志并将事务放入文本块中,例如:

   Dec 11 04:00:06 hostname postfix/pickup[5451]: 000A180464: uid=0 from=<root>
   Dec 11 04:00:06 hostname postfix/cleanup[8160]: 000A180464: message-id=<20151211090006.000A180464@domain.com>
   Dec 11 04:00:06 hostname postfix/qmgr[22497]: 000A180464: from=<root@domain.com>, size=59070, nrcpt=1 (queue active)
   Dec 11 04:00:06 hostname postfix/local[8168]: 000A180464: to=<root@localhost.localdomain>, orig_to=<root>, relay=local, delay=0.02, delays=0.01/0/0/0, dsn=2.0.0, status=sent (forwarded as 019B380405)
   Dec 11 04:00:06 hostname postfix/qmgr[22497]: 000A180464: removed

   Nov  8 12:36:24 hostname postfix/cleanup[11832]: 0016C82F49: message-id=<20151220050001.F2FD082F53@domain.com>
   Nov  8 12:36:24 hostname postfix/qmgr[1730]: 0016C82F49: from=<root@domain.com>, size=5206, nrcpt=1 (queue active)
   Nov  8 12:36:24 hostname postfix/pipe[11832]: 0016C82F49: to=<admin@domain.com>, orig_to=<root>, relay=plesk_virtual, delay=0.02, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
   Nov  8 12:36:24 hostname postfix/qmgr[1730]: 0016C82F49: removed

   Nov  8 10:02:12 hostname postfix/cleanup[21832]: 000E583908: message-id=<20151108150211.F32D383919@domain.com>
   Nov  8 10:02:12 hostname postfix/qmgr[1920]: 000E583908: from=<root@domain.com>, size=5206, nrcpt=1 (queue active)
   Nov  8 10:02:12 hostname postfix/pipe[21838]: 000E583908: to=<admin@domain.com>, orig_to=<root>, relay=plesk_virtual, delay=0.02, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
   Nov  8 10:02:12 hostname postfix/qmgr[1920]: 000E583908: removed

   Dec  5 16:00:19 hostname postfix/cleanup[22477]: 000FD8036A: message-id=<20151205210018.F324D80400@domain.com>
   Dec  5 16:00:19 hostname postfix/qmgr[1864]: 000FD8036A: from=<root@domain.com>, size=58511, nrcpt=1 (queue active)
   Dec  5 16:00:19 hostname postfix/pipe[22495]: 000FD8036A: to=<admin@domain.com>, orig_to=<root>, relay=plesk_virtual, delay=0.02, delays=0/0/0/0.02, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
   Dec  5 16:00:19 hostname postfix/qmgr[1864]: 000FD8036A: removed

   Dec 14 13:00:17 hostname postfix/cleanup[5127]: 001528050D: message-id=<20151214180016.F33048050C@domain.com>
   Dec 14 13:00:17 hostname postfix/qmgr[22497]: 001528050D: from=<root@domain.com>, size=58835, nrcpt=1 (queue active)
   Dec 14 13:00:17 hostname postfix/pipe[5129]: 001528050D: to=<admin@domain.com>, orig_to=<root>, relay=plesk_virtual, delay=0.02, delays=0/0/0/0.02, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
   Dec 14 13:00:17 hostname postfix/qmgr[22497]: 001528050D: removed

尽可能地说这些团体是好的,但这些团体并不是按时间顺序排列的。当我尝试对它们进行排序时,我放松了它们之间的分组和分离。我想要的是按日期和时间排序输出,例如:

   Dec  5 16:00:19 hostname postfix/cleanup[22477]: 000FD8036A: message-id=<20151205210018.F324D80400@domain.com>
   Dec  5 16:00:19 hostname postfix/qmgr[1864]: 000FD8036A: from=<root@domain.com>, size=58511, nrcpt=1 (queue active)
   Dec  5 16:00:19 hostname postfix/pipe[22495]: 000FD8036A: to=<admin@domain.com>, orig_to=<root>, relay=plesk_virtual, delay=0.02, delays=0/0/0/0.02, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
   Dec  5 16:00:19 hostname postfix/qmgr[1864]: 000FD8036A: removed

   Nov  8 10:02:12 hostname postfix/cleanup[21832]: 000E583908: message-id=<20151108150211.F32D383919@domain.com>
   Nov  8 10:02:12 hostname postfix/qmgr[1920]: 000E583908: from=<root@domain.com>, size=5206, nrcpt=1 (queue active)
   Nov  8 10:02:12 hostname postfix/pipe[21838]: 000E583908: to=<admin@domain.com>, orig_to=<root>, relay=plesk_virtual, delay=0.02, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
   Nov  8 10:02:12 hostname postfix/qmgr[1920]: 000E583908: removed

   Nov  8 12:36:24 hostname postfix/cleanup[11832]: 0016C82F49: message-id=<20151220050001.F2FD082F53@domain.com>
   Nov  8 12:36:24 hostname postfix/qmgr[1730]: 0016C82F49: from=<root@domain.com>, size=5206, nrcpt=1 (queue active)
   Nov  8 12:36:24 hostname postfix/pipe[11832]: 0016C82F49: to=<admin@domain.com>, orig_to=<root>, relay=plesk_virtual, delay=0.02, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
   Nov  8 12:36:24 hostname postfix/qmgr[1730]: 0016C82F49: removed

   Dec 11 04:00:06 hostname postfix/pickup[5451]: 000A180464: uid=0 from=<root>
   Dec 11 04:00:06 hostname postfix/cleanup[8160]: 000A180464: message-id=<20151211090006.000A180464@domain.com>
   Dec 11 04:00:06 hostname postfix/qmgr[22497]: 000A180464: from=<root@domain.com>, size=59070, nrcpt=1 (queue active)
   Dec 11 04:00:06 hostname postfix/local[8168]: 000A180464: to=<root@localhost.localdomain>, orig_to=<root>, relay=local, delay=0.02, delays=0.01/0/0/0, dsn=2.0.0, status=sent (forwarded as 019B380405)
   Dec 11 04:00:06 hostname postfix/qmgr[22497]: 000A180464: removed

   Dec 14 13:00:17 hostname postfix/cleanup[5127]: 001528050D: message-id=<20151214180016.F33048050C@domain.com>
   Dec 14 13:00:17 hostname postfix/qmgr[22497]: 001528050D: from=<root@domain.com>, size=58835, nrcpt=1 (queue active)
   Dec 14 13:00:17 hostname postfix/pipe[5129]: 001528050D: to=<admin@domain.com>, orig_to=<root>, relay=plesk_virtual, delay=0.02, delays=0/0/0/0.02, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
   Dec 14 13:00:17 hostname postfix/qmgr[22497]: 001528050D: removed

任何帮助都将不胜感激。

2 个答案:

答案 0 :(得分:1)

试试这个:

sort -s -k 1M -k 2n -k 3n logfile.txt

这是对文件进行排序,以便第一列是一个月(1M),第二列和第三列是数值(2n3n)。

有关详细信息,另请参阅this discussionman sort

答案 1 :(得分:0)

我想这就是你想要的

$ sed '$a\\' log \
   | awk '!NF{c++; print k,c+1 "\t"; c++; next} \
             {k=$1 FS $2 FS $3; print k, c+1 "\t" $0}' \
   | sort -k1,1M -k2n -k3,3 -k4n \
   | cut -f2 | sed '$d'

   Nov  8 10:02:12 hostname postfix/cleanup[21832]
   Nov  8 10:02:12 hostname postfix/pipe[21838]: 0
   Nov  8 10:02:12 hostname postfix/qmgr[1920]: 00
   Nov  8 10:02:12 hostname postfix/qmgr[1920]: 00

   Nov  8 12:36:24 hostname postfix/cleanup[11832]
   Nov  8 12:36:24 hostname postfix/pipe[11832]: 0
   Nov  8 12:36:24 hostname postfix/qmgr[1730]: 00
   Nov  8 12:36:24 hostname postfix/qmgr[1730]: 00

   Dec  5 16:00:19 hostname postfix/cleanup[22477]
   Dec  5 16:00:19 hostname postfix/pipe[22495]: 0
   Dec  5 16:00:19 hostname postfix/qmgr[1864]: 00
   Dec  5 16:00:19 hostname postfix/qmgr[1864]: 00

   Dec 11 04:00:06 hostname postfix/cleanup[8160]:
   Dec 11 04:00:06 hostname postfix/local[8168]: 0
   Dec 11 04:00:06 hostname postfix/pickup[5451]: 
   Dec 11 04:00:06 hostname postfix/qmgr[22497]: 0
   Dec 11 04:00:06 hostname postfix/qmgr[22497]: 0

   Dec 14 13:00:17 hostname postfix/cleanup[5127]:
   Dec 14 13:00:17 hostname postfix/pipe[5129]: 00
   Dec 14 13:00:17 hostname postfix/qmgr[22497]: 0
   Dec 14 13:00:17 hostname postfix/qmgr[22497]: 0
相关问题
最新问题