使用bash

时间:2016-09-22 01:07:48

标签: bash shell

有时我会收到错误,例如下面的网页服务器错误日志中的行:

2016/09/19 04:32:49 [error] 18703#18703: *1148440 limiting requests, excess: 10.897 by zone "flood", client: 10.20.30.40, server: domain.com, request: "HEAD / HTTP/1.1", host: "domain.com"
2016/09/19 04:32:49 [error] 18703#18703: *1148443 limiting requests, excess: 10.891 by zone "flood", client: 10.20.30.40, server: domain.com, request: "HEAD / HTTP/1.1", host: "domain.com"
2016/09/19 04:32:49 [error] 18703#18703: *1148441 limiting requests, excess: 10.888 by zone "flood", client: 10.20.30.40, server: domain.com, request: "HEAD / HTTP/1.1", host: "domain.com"
2016/09/19 04:32:49 [error] 18703#18703: *1148444 limiting requests, excess: 10.885 by zone "flood", client: 10.20.30.40, server: domain.com, request: "HEAD / HTTP/1.1", host: "domain.com"
2016/09/19 04:32:49 [error] 18703#18703: *1148445 limiting requests, excess: 10.873 by zone "flood", client: 10.20.30.40, server: domain.com, request: "HEAD / HTTP/1.1", host: "domain.com"
2016/09/19 04:32:49 [error] 18704#18704: *1148446 limiting requests, excess: 10.845 by zone "flood", client: 10.20.30.40, server: domain.com, request: "HEAD / HTTP/1.1", host: "domain.com"
2016/09/19 04:32:49 [error] 18703#18703: *1148447 limiting requests, excess: 10.844 by zone "flood", client: 10.20.30.40, server: domain.com, request: "HEAD / HTTP/1.1", host: "domain.com"
2016/09/19 04:32:49 [error] 18703#18703: *1148448 limiting requests, excess: 10.839 by zone "flood", client: 10.20.30.40, server: domain.com, request: "HEAD / HTTP/1.1", host: "domain.com"
2016/09/19 04:32:49 [error] 18703#18703: *1148449 limiting requests, excess: 10.836 by zone "flood", client: 10.20.30.40, server: domain.com, request: "HEAD / HTTP/1.1", host: "domain.com"

我有一个每天解析日志文件的bash脚本,但它只是将所有行转储到报告中。

function error_log_errors {
  ERRORLOG_ERRORS=$(cat "${ERRORLOG}" | grep "${ERRORLOG_DATE}" | awk '{print substr($0, index($0,$6))}')
}

如何将多个类似的行合并到:

(20) 04:32 Limited requests (zone: flood) from IP address: 10.20.30.40, request: "HEAD / HTTP/1.1", host: domain.com

列是:

  • 发生次数
  • 首次开始的时间
  • 事件(日志中的相应条目:限制请求,超出:10.897区域“泛滥”)
  • IP地址
  • 请求(日志中的相应条目:请求:“HEAD / HTTP / 1.1”)
  • 主机名

感谢您的任何建议。

注意:请注意,日志文件也包含其他不相关的行。感谢。

0 个答案:

没有答案
相关问题
最新问题