Python:如何从一小时前到现在提取日志文件中的行

时间:2017-09-08 12:40:46

标签: python logging extract

我甚至不确定从哪里开始..我读过的就是如何在bash中做但是想在python中编写

示例日志行:

$SQL = "SELECT  ";
$SQL .= "SUM(Bookings.Spots) as SUMSPOT, Trips.ID, Bookings.FK_ID, Bookings.ID ";   
$SQL .= "FROM Trips ";
$SQL .= "INNER JOIN Bookings on Bookings.FK_ID = Trips.ID";
$SQL .= "GROUP BY Trips.ID, Bookings.FK_ID, Bookings.ID";

3 个答案:

答案 0 :(得分:0)

首先,我们需要一个函数来计算时间并比较它们:

import datetime
def timeDiff(time1,time2):
    timeA = datetime.datetime.strptime(time1, "%H:%M:%S")
    timeB = datetime.datetime.strptime(time2, "%H:%M:%S")
    newTime = timeA - timeB
    return newTime

让我们假设您有logfile.txt,并且您已经知道了它的行:

import re

with open logfile.txt as my_file :

 line_counter = sum ( 1 for line in logfile.txt)
 for i in range (line_counter):
  line  = my_file.readline() #-> Sep 8 13:25:02 blah 

  my_time = re.findall('\d+:\d+:\d+',line) #-> [13:25:02]

  if (timeDiff(re.findall('\d+:\d+:\d+',time.asctime(time.localtime()))[0] , re.findall('\d+:\d+:\d+',i)[0]) ) <=1 : # 1 hours ago 

   print line

注意1:re.findall('\d+:\d+:\d+',time.asctime(time.localtime()))将为您提供当前时间,因为re为您提供了一个列表输出,我使用了re.findall('\d+:\d+:\d+',time.asctime(time.localtime()))[0]

注意2:我使用dateDill func来比较它们并打印行

答案 1 :(得分:0)

您需要从日志文件中读取每一行,并对每一行进行一些检查。

import datetime

# get current time
now = datetime.datetime.now()

with open('yourlogfile', 'r') as f:
    # go through each line
    for ln in f:
        # ex: 'Sep 8 13:25:02 etcetcetc'
        stime = f.strip().split(' ')
        completeTime = stime[0]+ ' ' + stime[1]+ ' ' + stime[2]
        datefstr = datetime.datetime.strptime(completeTime, '%b %d %H:%M:%S')
        if (now.hour - datefstr.hour) < 1 and (now.minute - datefstr.minute) < 60:
            # do your thing here
        else: continue

答案 2 :(得分:0)

就像我说的那样,我不知道从哪里开始......

在阅读@BoarGules暗示必须将日期/时间变为可以算术并使用datetime的东西之后,我想出了以下内容:

#!/usr/bin/env python

from datetime import datetime, timedelta

syslog="local4"

now = datetime.now().strftime('%b %_d %H:%M:%S')
hour = datetime.now() - timedelta(hours=1)
hour_ago = hour.strftime('%b %_d %H:%M:%S')

with open(syslog,'r') as f:
    for line in f:
        if int(line.split()[1]) < 10:
            d = line.split()[0] + '  ' + line.split()[1] + ' ' + line.split()[2]
        else:
            d = line.split()[0] + ' ' + line.split()[1] + ' ' + line.split()[2]
        if d >= hour_ago and d <= now:
            print line.strip()

它似乎适用于我希望它做的事情,但愿意接受改进它的建议。 我只是想知道做if int(line.split()[1]) < 10:是否是解决第一次拆分之间空间的最佳方法。

再次感谢。

相关问题
最新问题