我有一个以前损坏的脚本,其中日志文件在中间突然结束。当查看每个案例时,从时间戳中可以明显看出这一点。有没有办法自动 grep 处理所有此类情况?
带有适当的“payone_cancel.php end”的健康结局示例。
2023-03-21T08:41:04+00:00 DEBUG paypal paypal_cancel.php begin
2023-03-21T08:41:04+00:00 DEBUG paypal params = {"id":123,"old_status":"","new_status":"DD"}
2023-03-21T08:41:04+00:00 DEBUG paypal JPATH_ROOT = [ROOT]
2023-03-21T08:41:04+00:00 DEBUG paypal PaypalCancel params = {"id":123,"old_status":"","new_status":"DD"}
2023-03-21T08:41:04+00:00 DEBUG paypal new_status is not EE or empty string, nothing to do
2023-03-21T08:41:04+00:00 DEBUG paypal paypal_cancel.php end
新时间戳出现在正确的“paypal_cancel end”行之前的错误状态示例:
2023-02-17T20:57:41+00:00 DEBUG paypal paypal_cancel.php begin
2023-02-17T20:57:41+00:00 DEBUG paypal params = {"id":"123","old_status":"EE","new_status":"EE"}
2023-02-17T20:57:41+00:00 DEBUG paypal JPATH_ROOT = [ROOT]
2023-02-17T20:57:41+00:00 DEBUG paypal PaypalCancel params = {"id":"123","old_status":"EE","new_status":"EE"}
2023-02-17T22:00:27+00:00 DEBUG paypal --- frontend paypal gateway begin ---
grep -l可能不起作用,因为许多不同情况下的行数不同。
我可能必须再次学习 awk...。
答案1
grep -F 'old_status":"DD","new_status":"EE' -A1 | \
awk '{if (prev_line ~ /PaypalCancel/ && time != $1) print prev_line; time = $1; prev_line = $0}'
如果在记录过程中经过一秒,这会包含误报,但这已经足够了。
技巧是将前一行和时间列存储在变量中,然后在比较时使用它。