我有一个巨大的logfile1(Linux),日期格式低于&我想提取过去24小时的数据&使用shell脚本写入不同的文件。请帮我完成任务?
----------
03/03/2016 05:40:42 AM QWTRAB1 AMQ7315: Failed to put message to accounting queue. Reason(2053
----------
03/03/2016 05:40:42 AM QWTRAB1 AMQ7315: Failed to put message to accounting queue. Reason(2053
----------
03/03/2016 05:40:46 AM QWTRAB1 AMQ7315: Failed to put message to accounting queue. Reason(2053
----------
03/03/2016 05:40:46 AM QWTRAB1 AMQ7315: Failed to put message to accounting queue. Reason(2053
答案 0 :(得分:1)
您可以执行与Split access.log file by dates using command line tools类似的操作:
DATA TEST;
INPUT STRING $40.;
DATALINES;
Good morning
This is a good idea
I have an ungood Feeling
He is back 4good
goodness me
Good boy
;
RUN;
DATA TEST1; SET TEST;
POS=FINDW(STRING,'good',' ','i',1);
IF POS>0 THEN MATCH=1;
ELSE MATCH=0;
RUN;
:
split.awk命令:
{
split($1,array,"[:/]");
year = array[3]
month = array[2]
day = array[1]
print > FILENAME"-"year"_"month"_"day".txt"
}
答案 1 :(得分:0)
尝试提供日期范围的awk命令
awk '$0 >= "03/03/2016 05:40" && $0 <= "03/02/2016 05:40"'
更新:
#!/bin/bash
position=0
length=10
PREVDATE=`date -d "-1 days" +"%d-%m-%Y"`
while IFS='' read -r line || [[ -n "$line" ]]; do
LOGDATE=${line:position:length}
if [ "$PREVDATE" = "$LOGDATE" ]; then
echo $line >> $PREVDATE.log
fi;
done < "$1"
如果您想获取前一天的日志。您可以每天在crontab中运行一次此脚本。将给定脚本保存在名为logparser.sh的文件中。提供主日志文件作为参数。您可以使用上一个日期在新的日志文件名中找到已解析的数据。
尝试$./logparser.sh logfilename.log