解析日志文件中特定日期的错误 [英] parse a log file for errors on a specific date
问题描述
提前感谢您的任何帮助!:)
Thank you for any help in advance! :)
我是 Powershell 的初学者.我有 powershell 应用程序,而不是 powershell ISE.我需要将我的备份应用程序生成的日志文件解析为 RTF 文档,并在过去 24-72 小时内查找单词 "Errors: ".我基本上必须查看我的笔记本电脑备份解决方案何时失败.
I am a beginner to Powershell. I have the powershell app, not powershell ISE. I need to parse through a log file GENERATED BY MY BACKUPSOLUTION APP INTO A RTF DOCUMENT and look for the word "Errors: " in the last 24-72 hours. I basically have to see when my backup solution for my laptop is failing me.
到目前为止,我有以下几点:
I have the following so far:
$daysBack = 3
$refDate = (Get-Date).AddDays(-$daysBack).Date # set this to midnight
$log = Get-Content -Path 'C:\Users\<User>\Documents\TheLog.log'
# find lines that start with what looks like a date and contains 'Errors:'
# capture the date part in backreference $matches[1] to parse into a real datetime object for comparison with $refDate
$errors = @($log | Where-Object { $_ -match '(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}).*Errors:' } |
Where-Object { [datetime]::ParseExact($matches[1], 'dd/MM/yyyy HH:mm:ss', $null) -ge $refDate }).Count
# if $errors not 0
if ($errors) {
$count = if ($errors -eq 1) { "was an error" } else { "were $errors errors" }
"There {0} in your back up solution in the last $daysBack days. Please check your log file." -f $count
}
else {
"There were no errors in backing up your files in the last $daysBack days."
}
以上代码没有发现如下错误:
The above code does not find the following error:
18/02/2021 08:57:37 - can not access C:\users\<username>\documents\ The network path was not found.
18/02/2021 08:57:37 - End: Desktop... Copied: 0, Errors: 1
*我的日志文件中显示成功复制的示例行:
22/02/2021 17:27:33 - Begin: Documents=======================================
22/02/2021 17:27:33 - copied Notes.docx from C:\users\<username>\documents\ to D:\users\<username>\documents\
22/02/2021 17:27:33 - End: Documents...Copied 1
*在日志文件中显示几天前未成功复制的示例行:
18/02/2021 08:57:37 - can not access C:\users\<username>\documents\ The network path was not found.
18/02/2021 08:57:37 - End: Documents... copied: 0, Errors: 1
我还应该提到,有时当我从我的文档中删除一个文件而不是备份它时,它也会从备份中删除.据我所知,我的备份解决方案是我文档中任何内容的精确镜像.我想我也想在我的代码中包含一些关于这些删除的内容.
I should also mention there are sometimes when I delete a file from my documents and rather than back it up it deletes from the back up as well. As far as I understand my backup solution is an exact mirror of whatever is in my documents. I think I would like to maybe include something about these deletes in my code too.
我的日志文件是 RTF 格式*删除日志文件的示例部分:
MY LOG FILE IS A RTF FORMAT *Sample section of log file that deletes:
22/02/2021 17:27:33 - End: Documents...Copied 1, Deleted: 1
EDITTTTTTTTT我在这个文档中有几个错误.
EDITTTTTTTTT I have several errors in this document.
这是我之前的代码:
我的代码非常简单:
Get-Content -Path 'C:\Users\<User>\Documents\TheLog.log' -select string "Errors: "
但我想要一些可以根据严重错误过滤错误的东西,但不知道如何当我运行上面的代码时,我得到了这个输出:
But I wanted something that could filter the errors based on critical errors but have no idea how When I run the above code I get this output:
\par 18/02/2021 08:57:37 - \plain\f0\fs16\cf1 End: Documents... copied: 0, Errors: 1 \plain\f0\fs16\cf1
我想以某种方式从生成的字符串中提取该日期并将其与今天的日期进行比较.
I want to somehow extract that date from that generated string and compare it to today's date.
推荐答案
从你显示的日志文件的样子来看,你可以通过下面的操作来测试最近三天内是否有错误报告:
From what you show the log file looks like, you can do below to test if there were errors reported in the last three days:
$daysBack = 3
$refDate = (Get-Date).AddDays(-$daysBack).Date # set this to midnight
$log = Get-Content -Path 'C:\Users\<User>\Documents\TheLog.log'
# find lines that start with what looks like a date and contains 'Errors:'
# capture the date part in backreference $matches[1] to parse into a real datetime object for comparison with $refDate
$errors = @($log | Where-Object { $_ -match '(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}).*Errors:' } |
Where-Object { [datetime]::ParseExact($matches[1], 'dd/MM/yyyy HH:mm:ss', $null) -ge $refDate }).Count
# if $errors not 0
if ($errors) {
$count = if ($errors -eq 1) { "was an error" } else { "were $errors errors" }
"There {0} in your back up solution in the last $daysBack days. Please check your log file." -f $count
}
else {
"There were no errors in backing up your files in the last $daysBack days."
}
<小时>
我已经用一个文件进行了测试:
I have tested with a file:
18/02/2021 08:57:37 - can not access C:\users\<username>\documents\ The network path was not found.
18/02/2021 08:57:37 - End: Documents... copied: 0, Errors: 1
21/02/2021 08:57:37 - can not access C:\users\<username>\documents\ The network path was not found.
21/02/2021 08:57:37 - End: Documents... copied: 0, Errors: 1
22/02/2021 17:27:33 - Begin: Documents=======================================
22/02/2021 17:27:33 - copied Notes.docx from C:\users\<username>\documents\ to D:\users\<username>\documents\
22/02/2021 17:27:33 - End: Documents...Copied 1
22/02/2021 17:27:33 - End: Documents...Copied 1, Deleted: 1
今天是 23/02/2021
设置时
$daysBack = 3
$refDate = (Get-Date).AddDays(-3).Date # set this to midnight
输出是
There was an error in your back up solution in the last 3 days. Please check your log file.
当设置为 6 天前:
$daysBack = 6
$refDate = (Get-Date).AddDays(-$daysBack).Date # set this to midnight
输出符合预期:
There were 2 errors in your back up solution in the last 6 days. Please check your log file.
<小时>
正则表达式详情:
Regex details:
( Match the regular expression below and capture its match into backreference number 1
\d Match a single digit 0..9
{2} Exactly 2 times
/ Match the character "/" literally
\d Match a single digit 0..9
{2} Exactly 2 times
/ Match the character "/" literally
\d Match a single digit 0..9
{4} Exactly 4 times
\ Match the character " " literally
\d Match a single digit 0..9
{2} Exactly 2 times
: Match the character ":" literally
\d Match a single digit 0..9
{2} Exactly 2 times
: Match the character ":" literally
\d Match a single digit 0..9
{2} Exactly 2 times
)
. Match any single character that is not a line break character
* Between zero and unlimited times, as many times as possible, giving back as needed (greedy)
Errors: Match the characters "Errors:" literally
这篇关于解析日志文件中特定日期的错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
