在日期/时间范围内搜索日志 [英] Search logs within date/time range

问题描述

我，新手，在这个论坛上搜索过很多东西，并尝试了几种awk，sed和&eps.

I, Newbie, have searched this forum high and low, and have tried several awks, seds, & greps.

我正在尝试搜索日志文件以输出日期&内的所有日志.时间.

I am trying to search log files to output all logs within a date & time.

不幸的是，我正在搜索的日志均具有不同的日期格式.

Unfortunately, the logs that I am searching all have different date formats.

我完成了，让它开始工作:

awk '$0 >= "2018-08-23.11:00:00" && $0 <= "2018-08-23.14:00:00"' catalina.out

针对该特定日期格式.

我不能使用这些日期格式，也许是间距问题?

I can't get these date formats to work, maybe an issue with the spacing?

2018-08-23 11:00:00或2018年8月23日11:00:00

2018-08-23 11:00:00, or Aug 23, 2018 11:00:00

一些我尝试过的例子:

sed -n '/2018-08-23 16:00/,/2018-08-23 18:00/p' testfile.txt
sed -n '/Feb 23 13:55/,/Feb 23 14:00/p' testfile.txt
awk '$0 >= "2018-08-23 17:00:00" && $0 <= "2018-08-23 19:00:00"' testfile.txt

我也尝试过设置变量:FROM ="2018年8月23日17:00:00"，TO ="2018年8月23日19:00:00"

I have also tried setting variables: FROM="Aug 23, 2018 17:00:00" , TO="Aug 23, 2018 19:00:00"

awk '$0 >= "$FROM" && $0 <= "$TO"' testfile.txt

有人可以帮我吗?

更新:我已将其用于2018-08-23 11:00:00格式

UPDATE: I got THIS to work for the 2018-08-23 11:00:00 format

grep -n '2018-08-23 11:[0-9][0-9]' testfile.txt | head -1
grep -n '2018-08-23 12:[0-9][0-9]' testfile.txt | tail -1
awk 'NR>=2 && NR<=4' testfile.txt > rangeoftext

但是我无法使其与2018年8月23日11:00:00一起使用-再次，我认为这可能是一个空间问题?不确定如何解决....

But I could not get it to work with the Aug 23, 2018 11:00:00 -- again, I think this may be a space issue? Not sure how to resolve....

推荐答案

这是一个难题. grep 和 sed 没有日期概念，甚至GNU awk 对日期和时间的支持也很有限.

This is a difficult problem. grep and sed have no concept of a date, and even GNU awk has only limited support for dates and times.

如果您使用合理的日期格式(即可以在字符串比较中使用的日期格式，例如 2018-08-15 17:00:00 )，则该问题在某种程度上更容易解决.无论字符串是否包含空格，这都应该起作用.但是，请注意在空格上会自动拆分的工具，例如shell和 awk .

The problem becomes somewhat more tractable if you use a sane date format, i.e. a date format that can be used in string comparisons, such as 2018-08-15 17:00:00. This should work regardless of whether the string contains whitespace or not. However, beware of tools that automatically split on whitespace, such as the shell and awk.

现在，以您的示例为例:

Now, to your examples:

sed -n '/2018-08-23 16:00/,/2018-08-23 18:00/p' testfile.txt
sed -n '/Feb 23 13:55/,/Feb 23 14:00/p' testfile.txt
awk '$0 >= "2018-08-23 17:00:00" && $0 <= "2018-08-23 19:00:00"' testfile.txt

前两个应该起作用，但是仅当文件确实包含两个时间戳时才起作用，因为您仅在检查某些任意字符串的存在.第三个应该也可以，只要记录都以时间戳开头.

The first two should work, but only if the file really contains both timestamps, since you are only checking for the presence of certain arbitrary strings. The third should also work, provided that the records all start with a timestamp.

这篇关于在日期/时间范围内搜索日志的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！