我有PowerShell正则表达式的问题。我有这个输入:
--- New command: 20. 12. 2017 00:01:19 End command: 20. 12. 2017 00:01:19 --- --- New command: 20. 12. 2017 00:06:19 Time 47 ms. Deleted 18 Created 15 End command: 20. 12. 2017 00:06:19 --- --- New command: 20. 12. 2017 00:11:19 Time 47 ms. End command: 20. 12. 2017 00:11:19 --- --- New command: 21. 12. 2017 00:16:19 Time 31 ms. End command: 21. 12. 2017 00:16:19 ---
我有以下代码,但它没有工作,请你告诉我为什么?
$File = Get-Content C:\Users\user\Desktop\processed.txt
$Result = $File -replace "([^/]+)End command: 20. 12. 2017 (\d+):(\d+):(\d+)","" > C:\Users\user\Desktop\processed.txt
输出应该只记录日期21. 12. 2017年及以上。
--- New command: 21. 12. 2017 00:16:19 Time 31 ms. End command: 21. 12. 2017 00:16:19 ---
答案 0 :(得分:1)
首先,我将日志拆分到信息块边界:
$log = Get-Content 'C:\path\to\your.log' | Out-String
$data = $log -split '(?<=---)\r?\n(?:\r?\n)+(?=---)'
然后我会检查每个信息块的日期:
$ref = (Get-Date '2017-12-21').Date
$culture = [Globalization.CultureInfo]::InvariantCulture
$data | Where-Object {
$_ -match '(?<=New command: )\d+\. \d+\. \d{4}' -and
[DateTime]::ParseExact($matches[0], 'dd\. MM\. yyyy', $culture) -ge $ref
}
答案 1 :(得分:0)
日期21. 12. 2017及更高版本的正则表达式。
正则表达式:(?:(?:2[1-9]|3[0-1])\.\s12\.\s2017|(?:\d{2}\.\s){2}(?:201[8-9]|20[2-9][0-9]|[2-9][1-9][0-9]{2}))