Shell Scripting(过去24小时提取日志)

时间:2016-03-03 13:16:11

标签: shell

我有一个巨大的logfile1(Linux),日期格式低于&我想提取过去24小时的数据&使用shell脚本写入不同的文件。请帮我完成任务?

----------
03/03/2016 05:40:42 AM QWTRAB1 AMQ7315: Failed to put message to accounting queue. Reason(2053
----------
03/03/2016 05:40:42 AM QWTRAB1 AMQ7315: Failed to put message to accounting queue. Reason(2053
----------
03/03/2016 05:40:46 AM QWTRAB1 AMQ7315: Failed to put message to accounting queue. Reason(2053
----------
03/03/2016 05:40:46 AM QWTRAB1 AMQ7315: Failed to put message to accounting queue. Reason(2053

2 个答案:

答案 0 :(得分:1)

您可以执行与Split access.log file by dates using command line tools类似的操作:

DATA TEST; INPUT STRING $40.; DATALINES; Good morning This is a good idea I have an ungood Feeling He is back 4good goodness me Good boy ; RUN; DATA TEST1; SET TEST; POS=FINDW(STRING,'good',' ','i',1); IF POS>0 THEN MATCH=1; ELSE MATCH=0; RUN; 

split.awk

命令:

{
    split($1,array,"[:/]");
    year = array[3]
    month = array[2]
    day = array[1]

    print > FILENAME"-"year"_"month"_"day".txt"
}

答案 1 :(得分:0)

尝试提供日期范围的awk命令

awk '$0 >= "03/03/2016 05:40" && $0 <= "03/02/2016 05:40"'

更新:

#!/bin/bash
position=0
length=10
PREVDATE=`date -d "-1 days" +"%d-%m-%Y"`
while IFS='' read -r line || [[ -n "$line" ]]; do
        LOGDATE=${line:position:length}
        if [ "$PREVDATE" = "$LOGDATE" ]; then
                echo $line >> $PREVDATE.log
        fi;     
done < "$1"

如果您想获取前一天的日志。您可以每天在crontab中运行一次此脚本。将给定脚本保存在名为logparser.sh的文件中。提供主日志文件作为参数。您可以使用上一个日期在新的日志文件名中找到已解析的数据。

尝试$./logparser.sh logfilename.log

相关问题
最新问题