如何在日志中 grep 特定查询
以下是我的日志。
2011-03-10 20:34:16,657 INFO [jdbc.sqlonly]
SELECT COL1
, COL2 -- some comments may be here
, COL3
FROM TABLE_A
WHERE COL4 = 'some_text'
/* [related.classname] : some comments go here */
2011-03-10 20:34:16,658 DEBUG [another.class.name] blahblah
.
.
.
2011-03-10 20:34:16,843 INFO [jdbc.sqlonly]
SELECT MAX(COL_A)
FROM TABLE_B
WHERE COL_T < CURRENT_TIMESTAMP
/* [other.classname] : some comments go here */
2011-03-10 20:34:16,844 DEBUG [other.class.name2] blahblah
.
.
我想用 tail -f 命令 grep 这个查询,并只捕获 related.classname。 因为每个查询都包含换行符,所以使用 grep 命令没有帮助。 我该怎么做? 我担心可能使用 sed 的命令,如下所示。
tail -f some.log | sed -n '/jdbc\.sqlonly/,/2011-03-10 /p'
它可以帮助仅查找查询,而不是调试日志,但没有捕获关联的类名(相关的类名)。 请帮助我。啊,我的服务器是AIX。
The following is my log.
2011-03-10 20:34:16,657 INFO [jdbc.sqlonly]
SELECT COL1
, COL2 -- some comments may be here
, COL3
FROM TABLE_A
WHERE COL4 = 'some_text'
/* [related.classname] : some comments go here */
2011-03-10 20:34:16,658 DEBUG [another.class.name] blahblah
.
.
.
2011-03-10 20:34:16,843 INFO [jdbc.sqlonly]
SELECT MAX(COL_A)
FROM TABLE_B
WHERE COL_T < CURRENT_TIMESTAMP
/* [other.classname] : some comments go here */
2011-03-10 20:34:16,844 DEBUG [other.class.name2] blahblah
.
.
I wanna grep this query with tail -f command, and catch ONLY related.classname.
Because every query include line feed character, It can't be helpful to use grep command.
How can I do this?
I've concerned about possible command using sed, like the following.
tail -f some.log | sed -n '/jdbc\.sqlonly/,/2011-03-10 /p'
It can help to find only query, not debug log, but didn't catch the associated classname(related.classname).
Plz help me. Ah, my server is AIX.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
awk 非常适合此类任务。从根本上来说,awk 脚本一次处理一行,但允许您在处理每一行时修改/读取全局变量。要应用 awk 解决此问题,您可以创建一个微型状态机,它会记住何时处理日志条目“内部”的行,并从“匹配”条目中打印所需的任何信息。
这是一个 awk 程序示例。
BEGIN块在处理任何输入之前执行一次,而主块每行执行一次 -$0包含整行内容。此脚本打印以包含
jdbc.sqlonly的行开头的每个日志条目的最后一行。新日志条目的开头定义为包含INFO或DEBUG的任何行。 match() 函数的正则表达式参数可以轻松调整。要运行脚本,请将其存储在文件中并按如下方式调用:还可以在命令行中构建“扔掉”或单行 awk 脚本,这对于不适合使用全功能脚本的临时解决方案来说很方便语言。
Awk is well suited for this type of task. Fundamentally, an awk script processes one line at a time, but allows you to modify/read global variables while processing each line. To apply awk to this problem, you could create a mini-state machine that remembers when processing a line "inside" a log entry and print whatever information is desired from "matching" entries.
Here is an example awk program. The
BEGINblock is executed once before processing any input, while the main block is executed once per line --$0contains the entire line contents.This script prints the last line of each log entry that started with a line containing
jdbc.sqlonly. The start of a new log entry is defined as any line that containsINFOorDEBUG. The regular expression parameter to the match() function can be easily tweaked. To run the script, store it in a file and invoke as follows:"Throw-away" or one-line awk scripts can also be built at the command-line, which is convenient for temporary solutions that do not justify a fully featured scripting language.
对于我使用的 sed,范围命令似乎很贪婪,并且与最后一个日期匹配。
您可以使用 egrep 查找“INFO|DEBUG”并根据需要对其进行操作。
我希望这有帮助。
PS,由于您似乎是新用户,如果您得到的答案对您有帮助,请记住将其标记为已接受,或给它一个+(或-)作为有用的答案
For the sed I use, the range command appears to be greedy, and is matching the last date.
You could egrep for 'INFO|DEBUG' and manipulate that as needed.
I hope this helps.
P.S. as you appear to be a new user, if you get an answer that helps you please remember to mark it as accepted, or give it a + (or -) as a useful answer
这是我使用的...
这里 2011 是每条日志行开头的模式。 sql 是我正在搜索的词。
Here is the one I use it ...
Here 2011 is the pattern of each log line start with. sql is the word I am searching for.