Question

我正在运行此命令以从日志文件中提取一些数据。我正在排队，但是我对与消息ID相关的值感兴趣。

我正在运行的命令-

grep -B 2 UPDATE_CHAIR_DESK_REQ Application.log | head -1000

我得到的输出

< MessageId :ID:414d51204541495052475731202020205143d55bf3f13821>
 < AppServiceID :abcfcdd>
 < ReplyToQName :UPDATE_CHAIR_DESK_REQ>
--
< MessageId :ID:414d51204541495052475731202020205143d55bf7f13821>
 < AppServiceID :abcfcdd>
 < ReplyToQName :UPDATE_CHAIR_DESK_REQ>
--
< MessageId :ID:414d51204541495052475731202020205143d55bf7f13821>
 < AppServiceID :abcfcdd>
 < ReplyToQName :UPDATE_CHAIR_DESK_REQ>
--
< MessageId :ID:414d51204541495052475731202020205143d55bfbf13821>
 < AppServiceID :abcfcdd>
 < ReplyToQName :UPDATE_CHAIR_DESK_REQ>
--
< MessageId :ID:414d51204541495052475731202020205143d55bfbf13821>
 < AppServiceID :abcfcdd>
 < ReplyToQName :UPDATE_CHAIR_DESK_REQ>
--
< MessageId :ID:414d51204541495052475731202020205143d55bfff13821>
 < AppServiceID :abcfcdd>
 < ReplyToQName :UPDATE_CHAIR_DESK_REQ>**

我要查找的是MessageId：ID：前面的值，该长度始终为48个字符。我想增强我的grep命令，使其仅以列格式在屏幕或文件上获取这些值。

Answer 1

grep -B 2 UPDATE_CHAIR_DESK_REQ Application.log | egrep -o ':ID:.{48}'

Answer 2

使用awk，您可以使用：

awk -F'[:>]' '
    $1 ~ /MessageId/ {msgId = $3}
    $2 == "UPDATE_CHAIR_DESK_REQ" {print msgId}
' Application.log

从grep结果中提取字符串

2 个答案: