我正在尝试从我的设备中删除所有时间日期戳和排序日志控制输出
例如
sudojournalctl-eu网络管理器
[ 130.787316] user NetworkManager[713]: <info> [1707206156.8193] device (tun0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'external')
[ 130.787563] user NetworkManager[713]: <info> [1707206156.8195] device (tun0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'external')
[ 130.789674] user NetworkManager[713]: <info> [1707206156.8207] device (tun0): Activation: successful, device activated.
[ 149.870255] user NetworkManager[713]: <info> [1707206175.8792] modem-manager: ModemManager no longer available
[ 150.666436] user systemd[1]: Stopping Network Manager...
[ 150.666601] user NetworkManager[713]: <info> [1707206176.6984] caught SIGTERM, shutting down normally.
我可以在输出中识别两个时间排序列
- 之前的专栏用户
- 之后的专栏信息
删除第一次排序可以通过添加来实现-o猫到原来的
sudo Journalctl -eu NetworkManager -o cat
<info> [1707206156.8193] device (tun0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'external')
<info> [1707206156.8195] device (tun0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'external')
<info> [1707206156.8207] device (tun0): Activation: successful, device activated.
<info> [1707206175.8792] modem-manager: ModemManager no longer available
Stopping Network Manager...
<info> [1707206176.6984] caught SIGTERM, shutting down normally.
但我无法找到一种干净的方法来定位和过滤掉第二个时间序列。
另外,第二个时序叫什么?
第一个可以通过添加来转换为时间日期-o 短到原始的cmd,但我发现没有过滤器来解决第二个问题。
sudo Journalctl -eu NetworkManager -o 短
Feb 06 06:52:56 user NetworkManager[713]: <info> [1707206156.8193] device (tun0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'external')
Feb 06 06:52:56 user NetworkManager[713]: <info> [1707206156.8195] device (tun0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'external')
Feb 06 06:52:56 user NetworkManager[713]: <info> [1707206156.8207] device (tun0): Activation: successful, device activated.
Feb 06 06:53:15 user NetworkManager[713]: <info> [1707206175.8792] modem-manager: ModemManager no longer available
Feb 06 06:53:16 user systemd[1]: Stopping Network Manager...
Feb 06 06:53:16 user NetworkManager[713]: <info> [1707206176.6984] caught SIGTERM, shutting down normally.
答案1
第一个时间戳是自内核启动以来的秒数。它是由日志记录工具编写的(我不知道链中的确切位置)。我认为这与您看到的时钟uptime和第一个数字相同/proc/uptime。由于它是由 systemd 管理的,因此journalctl有方法可以漂亮地打印它。
第二个时间戳是NetworkManager 选择包含在其日志消息中。就journalctl而言,它只是以 开头的长行的一部分<info>:日志行的格式是时间戳、用户、进程名称、括号中的进程ID、冒号、有效负载。
NetworkManager 的时间戳是当前时间。时间是从g_get_real_time,因此如果系统时钟发生变化,它也会发生变化。这是 UTC 时间,而不是您所在时区的时间。它是自 Unix 纪元(1970 年 1 月 1 日 00:00 UTC)以来的秒数。
您可以用来date漂亮地打印该时间戳:
date -u -d @1707206156.8193
Tue Feb 6 07:55:56 UTC 2024