我在编写单行代码时遇到麻烦,该单行代码将选择括号之间的数字,将其用双引号引起来,插入逗号,然后选择“ USER_RULE:”之后的所有文本,直到下一个双引号为止。
这是我文件的一小部分样本:
@213(1547485175) pass in quick on igb0 inet proto udp from <MGMT_HOSTS:1> to <UNRAID_IP:1> port = http keep state label "USER_RULE: Local Mgmt Services"
@174(1548683908) block return in quick on ALL_LAN inet proto tcp from <LOCAL_NETWORKS:7> to <LOCAL_BROADCAST:8> label "USER_RULE: Local Broadcast Noise"
@157(1547555119) block return in log quick on ALL_LAN inet from ! <NO_PFBLOCKER:1> to <pfB_BAD_IP_v4:55258> label "USER_RULE: pfb_Bad_IP (outbound)"
@137(1547478025) pass in quick on igb0 inet proto tcp from 192.168.1.0/24 to (self:13) port = ssh flags S/SA keep state label "USER_RULE: Anti-Lockout"
@386(1548774638) pass in quick on igb0.10 route-to (ovpnc1 10.20.48.141) inet proto udp from <MOBILE_DEVICES:5> to ! <PRIVATE_NETWORKS:3> port = https keep state label "USER_RULE: Policy Route" tag NO_WAN_EGRESS
这是我的预期输出:
"1547485175",Local Mgmt Services
"1548683908",Local Broadcast Noise
"1547555119",pfb_Bad_IP (outbound)
"1547478025",Anti-Lockout
"1548774638",Policy Route
我尝试了awk,sed和grep的各种组合,我可以得到所需的输出。我就是无法钉牢。我会为您避免我的丑陋失败尝试。
答案 0 :(得分:2)
$ sed 's/[^(]*(\([^)]*\).*"USER_RULE: *\([^"]*\).*/"\1",\2/' file
"1547485175",Local Mgmt Services
"1548683908",Local Broadcast Noise
"1547555119",pfb_Bad_IP (outbound)
"1547478025",Anti-Lockout
"1548774638",Policy Route
答案 1 :(得分:0)
请您尝试尝试以下操作(建议大家在您的帖子中加倍努力,因为我们都在这里学习。)
awk '
BEGIN{
s1="\""
OFS=","
}
match($0,/\([^\)]*/){
val=substr($0,RSTART+1,RLENGTH-1)
}
match($0,/USER_RULE[^"]*/){
print s1 val s1,substr($0,RSTART+11,RLENGTH-11)
}' Input_file
输出如下。
"1547485175",Local Mgmt Services
"1548683908",Local Broadcast Noise
"1547555119",pfb_Bad_IP (outbound)
"1547478025",Anti-Lockout
"1548774638",Policy Route
答案 2 :(得分:0)
filter()运行:
# File a.awk:
BEGIN { q = "\"" }
{ idx = index($0, "USER_RULE:")
rule = substr($0, idx + 11)
idx = index(rule, q) - 1
print q substr($0, 6, 10) q "," substr(rule, 1, idx)
}