我正在使用 sed 命令来获取两个日期之间的数据。我正在使用与日期模式匹配的正则表达式。
我正在使用的示例数据有点像:
192.168.0.123 - - [25/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [28/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [28/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [28/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [30/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [01/Dec/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [01/Dec/2018:13:25:09 +0530] "Data 4"
我面临两个问题。
它只给出最后一个日期第一次出现之前的输出。即,如果使用的命令是:
$ sed -n '/26/Nov/2018/,/28/Nov/2018/ p' file.log
然后我得到的输出是:
192.168.0.123 - - [25/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [28/Nov/2018:13:25:09 +0530] "Data 4"
但我期待着
192.168.0.123 - - [25/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [28/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [28/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [28/Nov/2018:13:25:53 +0530] "Data 6"
如果我输入日志中不存在的日期。我正在获取直到文件末尾的所有数据,而我希望它直到数据存在的最后一个位置。即,如果命令是:
$ sed -n '/26/Nov/2018/,/29/Nov/2018/ p' file.log
那么输出是:
192.168.0.123 - - [25/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [28/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [28/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [28/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [30/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [01/Dec/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [01/Dec/2018:13:25:09 +0530] "Data 4"
虽然我期望它是:
192.168.0.123 - - [25/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [28/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [28/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [28/Nov/2018:13:25:53 +0530] "Data 6"
答案1
我更喜欢使用日期格列普根据日期解析日志。
[root@server22 ~]# cat file.log
192.168.0.123 - - [25/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [28/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [28/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [28/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [30/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [01/Dec/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [01/Dec/2018:13:25:09 +0530] "Data 4"
解析 11 月 26 日至 11 月 29 日之间的日志
[root@server22 ~]# dategrep --start 26/Nov/2018:00:00:00 --end 29/Nov/2018:00:00:00 file.log --format "%d/%b/%Y:%H:%M:%S"
192.168.0.123 - - [26/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [26/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [27/Nov/2018:13:25:53 +0530] "Data 6"
192.168.0.123 - - [28/Nov/2018:13:25:09 +0530] "Data 4"
192.168.0.123 - - [28/Nov/2018:13:25:11 +0530] "Data 5"
192.168.0.123 - - [28/Nov/2018:13:25:53 +0530] "Data 6"