我想在我的电脑 "C:\logFiles" 中保存由另一台电脑中的程序生成的日志文件的特定日期, 我将从它获取日志文件的路径是“C:\Sut\Stat\03-2021.log”
示例:这个文件“C:\Sut\Stat\03-2021.Sutwin.log”包含火星月的所有日志,但我只想获取从 19-03-2021 到 26 的最后 7 天的日志-03-2021
我在互联网上找到了这个脚本,但我不适合我,我需要一些帮助:
Example of the file .log in the photo attached:
Rest of image for the first screenshot :
我的电脑名称:c01234
PC 内容日志文件的名称:c06789
我将从中获取信息的文件:03-2021.Sutwin.log(存在于 pc c06789 中)
我想将最近 7 天的内容传输到我的电脑 c01234 中名为 Week11_LogFile 的文件夹中
$log = "2015-05-09T06:39:34 Some information here
2015-05-09T06:40:34 Some information here
" -split "`n" | Where {$_.trim()}
#using max and min value for the example so all correct dates will comply
$upperLimit = [datetime]::MaxValue #replace with your own date
$lowerLimit = [datetime]::MinValue #replace with your own date
$log | foreach {
$dateAsText = ($_ -split '\s',2)[0]
try
{
$date = [datetime]::Parse($dateAsText)
if (($lowerLimit -lt $date) -and ($date -lt $upperLimit))
{
$_ #output the current item because it belongs to the requested time frame
}
}
catch [InvalidOperationException]
{
#date is malformed (maybe the line is empty or there is a typo), skip it
}
}
答案 0 :(得分:1)
根据您的图像,您的日志文件看起来像简单的制表符分隔文件。
假设是这样,这应该可行:
# Import the data as a tab-delimited file and add a DateTime column with a parsed value
$LogData = Import-Csv $Log -Delimiter "`t" |
Select-Object -Property *, @{n='DateTime';e={[datetime]::ParseExact($_.Date + $_.Time, 'dd. MMM yyHH:mm:ss', $null)}}
# Filter the data, drop the DateTime column, and write the output to a new tab-delimited file
$LogData | Where-Object { ($lowerLimit -lt $_.DateTime) -and ($_.DateTime -lt $upperLimit) } |
Select-Object -ExcludeProperty DateTime |
Export-Csv $OutputFile -Delimiter "`t"
这里的主要缺点是在 Windows Powershell(v5.1 及更低版本)上,您只能导出引用的数据。在 Powershell 7 及更高版本上,您可以使用 -UseQuotes Never 来防止字段被双引号标识(如果这很重要)。
唯一的另一个缺点是,如果这些日志文件很大,那么导入和处理它们将需要很长时间。您可以通过使上述单行代码来提高性能,如下所示:
Import-Csv $Log -Delimiter "`t" |
Select-Object -Property *, @{n='DateTime';e={[datetime]::ParseExact($_.Date + $_.Time, 'dd. MMM yyHH:mm:ss', $null)}} |
Where-Object { ($lowerLimit -lt $_.DateTime) -and ($_.DateTime -lt $upperLimit) } |
Select-Object -ExcludeProperty DateTime |
Export-Csv $OutputFile -Delimiter "`t"
但是如果日志文件非常大,那么您可能会遇到不可避免的性能问题。
答案 1 :(得分:0)
很遗憾,您的日志文件中的一行示例没有显示确切的日期格式。
2015-05-09 可能是 yyyy-MM-dd 或 yyyy-dd-MM,所以我猜它在下面的代码中是 yyyy-MM-dd ..
# this is the UNC path where the log file is to be found
# you need permissions of course to read that file from the remote computer
$remotePath = '\\c06789\C$\Sut\Stat\03-2021.log' # or use the computers IP address instead of its name
$localPath = 'C:\logFiles\Week11_LogFile.log' # the output file
# set the start date for the week you are interested in
$startDate = Get-Date -Year 2021 -Month 3 -Day 19
# build an array of formatted dates for an entire week
$dates = for ($i = 0; $i -lt 7; $i++) { '{0:yyyy-MM-dd}' -f $startDate.AddDays($i) }
# create a regex string from that using an anchor '^' and the dates joined with regex OR '|'
$regex = '^({0})' -f ($dates -join '|')
# read the log file and select all lines starting with any of the dates in the regex
((Get-Content -Path $remotePath) | Select-String -Pattern $regex).Line | Set-Content -Path $localPath