我有这些字符串:
2017-09-17T21:01:15,914 INFO [01196526] :sasadm@saspw - New client connection (155885) accepted from server port 8561 for SAS token user sasadm@saspw. Encryption level is Credentials using encryption algorithm SASPROPRIETARY. Peer IP address and port are [::ffff:191.0.0.7]:39962 for APPNAME=/SASAuthorizationServices - Visual Data Builder 7.4.
2017-09-17T23:58:17,043 INFO [01211539] :sastrust@saspw - New client connection (163346) accepted from server port 8561 for user sastrust@saspw. Encryption level is Credentials using encryption algorithm SASPROPRIETARY. Peer IP address and port are [::ffff:191.0.0.7]:37400 for APPNAME=Content Server 9.4.
我必须将它们替换为
2017-09-17T21:01:15,sasadm@saspw,LOGIN,SUCCESS,Successful Login
或者
2017-09-17T23:58:17,sastrust@saspw,LOGIN,SUCCESS,Successful Login
这就是我所做的,但我没有收到预期的结果:
sed -n '/New client connection ([0-9]*) accepted from server port [0-9]* for/{s/,.* user \(.*\)\. .*/,\1,LOGIN,SUCCESS,Successful Login/;p}'
这是我的错误输出:
2017-09-17T21:01:15,sasadm@saspw. Encryption level is Credentials using encryption algorithm SASPROPRIETARY,LOGIN,SUCCESS,Successful Login
答案1
你的尝试非常接近:
$ sed -n '/New client connection ([0-9]*) accepted from server port [0-9]* for/{s/,.* user \(.[^.]*\)\. .*/,\1,LOGIN,SUCCESS,Successful Login/;p}' file1
2017-09-17T21:01:15,sasadm@saspw,LOGIN,SUCCESS,Successful Login
2017-09-17T23:58:17,sastrust@saspw,LOGIN,SUCCESS,Successful Login
唯一需要不同的是不允许模式\(\)匹配超过 user@host 的内容。所以不要使用,.*因为 sed 执行贪婪匹配 = 尽可能匹配。使用.[^.]*会将所有字符匹配到第一个找到的点。