我有一个简单的功能,可以给我一个小时以上的记录
past_hour_log(){
awk -v Date1=$(date -d"now 1 hour ago" "+%H:%M:%S") -v Date2=$(date -d"now 1 hour ago" "+%d") ' { if ($3 > Date1 && $2 >= Date2) {print $0}} ' /var/log/syslog
}
我的函数输出:
Oct 9 12:15:15 localhost-IdeaPad-980 systemd[1]: time has been changed
Oct 9 12:16:00 localhost-IdeaPad-980 systemd[1534]: time has been changed
Oct 9 12:17:00 localhost-IdeaPad-980 systemd-timesyncd[25237]: Synchronized to time server 91.189.91.157:123 (ntp.ubuntu.com).
Oct 9 12:17:01 localhost-IdeaPad-980 CRON[27685]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Oct 9 12:17:01 localhost-IdeaPad-980 CRON[29613]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
所以在下一行,我试图将此函数输出传递到grep xargs中,以获取从 input.txt
输入的字符串总数TIME_COUNT="$(cat input.txt | xargs -I{} grep {} past_hour_log | awk '{print $7}' | awk -F '?' '{print $1}' | uniq -c)"
但是输出显示下面的内容。有什么想法可以实现这一目标吗?
grep:past_hour_log:没有这样的文件或目录
答案 0 :(得分:1)
您可能要尝试以下操作:
past_hour_log() {
date1=$(date -d"now 1 hour ago" "+%H:%M:%S")
date2=$(date -d"now 1 hour ago" "+%d")
awk -v Date1="$date1" -v Date2="$date2" '($3 > Date1 && $2 >= Date2){print}' /var/log/syslog;
}
然后做
TIME_COUNT="$(past_hour_log | grep -F -f input.txt | awk '{print $7}' | awk -F '?' '{print $1}' | uniq -c)"