我正在使用 cPanel 帐户,并且有一个 Apache 2.4 访问日志,其日志存储如下:
66.249.93.30 - - [04/May/2018:21:26:39 +0200] "GET / HTTP/1.1" 302 207 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko; Google Page Speed Insights) Chrome/41.0.2272.118 Safari/537.36"
66.249.93.30 - - [05/May/2018:10:26:39 +0200] "GET / HTTP/1.1" 302 207 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko; Google Page Speed Insights) Chrome/41.0.2272.118 Safari/537.36"
日期格式为日期“+%d/%B/%Y:%k:%M:%S”
使用 bash 脚本,我想仅提取过去一小时内记录的行,例如:
完整日志文件:
66.249.93.30 - - [04/May/2018:21:26:39 +0200] First Line
66.249.93.30 - - [05/May/2018:11:00:21 +0200] Second Line
66.249.93.30 - - [05/May/2018:11:15:39 +0200] Third Line
66.249.93.30 - - [05/May/2018:12:00:11 +0200] Fourth Line
当前时间:2018年5月5日:12:01:06
日志来源: 5 月 5 日 11:01 - 12:01 的时间间隔
过滤输出:
66.249.93.30 - - [05/May/2018:11:15:39 +0200] Third Line
66.249.93.30 - - [05/May/2018:12:00:11 +0200] Fourth Line
我尝试过使用 awk 和其他一些建议,但我无法让它工作,任何帮助将不胜感激!
最佳答案
$ date
Sat, May 05, 2018 10:49:13 AM
$ cat tst.awk
{
split($4,t,/[[ :\/]/)
mthNr = sprintf("%02d",(index("JanFebMarAprMayJunJulAugSepOctNovDec",t[3])+2)/3)
curTime = t[4] mthNr t[2] t[5] t[6] t[7]
}
curTime >= minTime
$ awk -v minTime=$(date -d '60 min ago' '+%Y%m%d%H%M%S') -f tst.awk file
66.249.93.30 - - [05/May/2018:11:00:21 +0200] Second Line
66.249.93.30 - - [05/May/2018:11:15:39 +0200] Third Line
66.249.93.30 - - [05/May/2018:12:00:11 +0200] Fourth Line
利用问题中的时间来获得问题的预期输出:
$ awk -v minTime=$(date -d '2018/05/05 11:01:06' '+%Y%m%d%H%M%S') -f tst.awk file
66.249.93.30 - - [05/May/2018:11:15:39 +0200] Third Line
66.249.93.30 - - [05/May/2018:12:00:11 +0200] Fourth Line
关于linux - Apache - 最后一小时的日志,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50188314/