Shell脚本从过去一小时的日志中获取异常 [英] Shell Script to get exception from logs for last one hour
问题描述
我正在开发脚本,该脚本将grep最近一小时的日志,并检查任何异常并发送电子邮件给solaris平台.
I am developing script which will grep logs of last one hour and check any exception and send email for solaris platform.
我确实遵循了以下步骤
grep -n -h date +'%Y-%m-%d %H:%M' test.logs
上面的命令给了我行号,然后我执行了
above command gives me line number and then i do following
tail +6183313 test.log | grep 'exception'
示例日志
2014-02-17 10:15:02,625 | WARN | m://mEndpoint | oSccMod | 262 - com.sm.sp-client - 0.0.0.R2D03-SNAPSHOT | 1201 or 101 is returned as exception code from SP, but it is ignored
2014-02-17 10:15:02,625 | WARN | m://mEndpoint | oSccMod | 262 - com.sm.sp-client - 0.0.0.R2D03-SNAPSHOT | SP error ignored and mock success returned
2014-02-17 10:15:02,626 | INFO | 354466740-102951 | ServiceFulfill | 183 - org.apache.cxf | Outbound Message
请提出任何更好的替代方案来执行上述任务.
Please suggest any better alternative to perform above task.
推荐答案
使用GNU date,可以使用:
With GNU date, one can use:
grep "^$(date -d -1hour +'%Y-%m-%d %H')" test.logs | grep 'exception'| mail -s "exceptions in last hour of test.logs" ImranRazaKhan
上面的第一步是选择最后一个小时的所有日志条目.这是通过grep来完成的,方法是查找以年,月,日和小时开头的所有与一小时前匹配的行:
The first step above is to select all log entries from the last hour. This is done with grep by looking for all lines beginning with the year-month-day and hour that matches one hour ago:
grep "^$(date -d -1hour +'%Y-%m-%d %H')" test.logs
管道的下一步是从这些行中选择有异常的行:
The next step in the pipeline is to select from those lines the ones that have exceptions:
grep 'exception'
管道的最后一步是发送邮件:
The last step in the pipeline is to send out the mail:
mail -s "exceptions in last hour of test.logs" ImranRazaKhan
以上内容将邮件发送到ImranRazaKhan(或您选择的任何电子邮件地址),主题行为"test.logs的最后一小时例外".
The above sends mail to ImranRazaKhan (or whatever email address you chose) with the subject line of "exceptions in last hour of test.logs".
date的-d选项的便利性不应低估.从当前时间减去1似乎很简单,但是,如果当前时间是凌晨12点,则我们需要同时调整日期和时间.如果该月的第一天是凌晨12点,那么我们还必须更改月份.一年也一样.而且,当然,February年期间需要特别考虑2月.
The convenience of having the -d option to date should not be underestimated. It might seem simple to subtract 1 from the current hour but, if the current hour is 12am, then we need to adjust both the day and the hour. If the hour was 12am on the first of the month, we would also have to change the month. And likewise for year. And, of course, February requires special consideration during leap years.
请考虑以下三种情况:
-
在Solaris 11或更高版本中,
/usr/gnu/bin/date处提供了GNUdate实用程序.因此,我们只需要为date指定路径:
Under Solaris 11 or better, the GNU
dateutility is available at/usr/gnu/bin/date. Thus, we need simply to specify a path fordate:
grep "^$(/usr/gnu/bin/date -d -1hour +'%Y-%m-%d %H')" test.logs | grep 'exception'| mail -s "exceptions in last hour of test.logs" ImranRazaKhan
在Solaris 10或更早版本中,可以下载&安装GNU日期
Under Solaris 10 or earlier, one can download & install GNU date
如果GNU日期仍然不可用,我们需要找到另一种方法来查找一个小时前的日期和时间.最简单的解决方法是选择一个比您的时区晚一小时的时区.如果该时区是香港,请使用:
If GNU date is still not available, we need to find another way to find the date and time for one hour ago. The simplest workaround is likely to select a timezone that is one hour behind your timezone. If that timezone was, say, Hong Kong, then use:
grep "^$(TZ=HongKong date +'%Y-%m-%d %H')" test.logs | grep 'exception'| mail -s "exceptions in last hour of test.logs" ImranRazaKhan
这篇关于Shell脚本从过去一小时的日志中获取异常的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
