我想提取特定时间之间的所有行,以及附加的文件名。
输入示例:
Dec 8 22:00:05 host kernel:
Dec 8 23:00:05 host kernel:
Dec 8 23:34:45 host kernel:
Dec 8 23:54:45 host kernel:
Dec 9 00:34:45 host kernel:
Dec 9 00:54:45 host kernel:
Dec 9 01:54:45 host kernel:
Dec 9 02:54:45 host kernel:
Dec 9 03:54:45 host kernel:
Dec 9 04:54:45 host kernel:
Dec 9 05:54:45 host kernel:
我想要的输出:
Dec 8 23:00:05 host kernel:
Dec 8 23:34:45 host kernel:
Dec 8 23:54:45 host kernel:
Dec 9 00:34:45 host kernel:
Dec 9 00:54:45 host kernel:
答案1
怎么样磨坊主?
$ mlr --nidx --repifs filter -S '
t = strptime($3,"%H:%M:%S");
t > strptime("23:00","%H:%M") || t < strptime("01:00","%H:%M")
' input
Dec 8 23:00:05 hermes kernel: [<ffffffff8118a6f0>] warn_alloc_failed+0x110/0x180
Dec 8 23:34:45 hermes kernel: [<ffffffff816a204a>] __alloc_pages_slowpath+0x6b6/0x724
Dec 8 23:54:45 hermes kernel: [<ffffffff81424400>] ? misc_open+0x40/0x1c0
Dec 9 00:34:45 hermes kernel: [<ffffffff8118ec85>] __alloc_pages_nodemask+0x405/0x420
Dec 9 00:54:45 hermes kernel: [<ffffffff8118ec85>] __alloc_pages_nodemask+0x405/0x420
答案2
如果我理解正确的话,使用 GNU grep:
grep -e "00:[0-5][0-9]:[0-5][0-9]" -e "23:[0-5][0-9]:[0-5][0-9]" in_file > out_file
寻找德模式00:[<0 to five><0 to nine>]:[<0 to five><0 to nine>]
或图案23:[<0 to five><0 to nine>]:[<0 to five><0 to nine>]
答案3
对于 Perl,假设您想从 12 月 8 日晚上 11 点开始并延长 2 小时:
perl -MTime::Piece -lane '
BEGIN {
$start = Time::Piece->strptime("Dec 8 23:00:00", "%b %d %T");
$stop = $start + 2*3600;
}
$t = Time::Piece->strptime("@F[0,1,2]", "%b %d %T");
print if $start <= $t && $t <= $stop;
' file