linux/unix command for checking specific logs

Disclaimer: this page is a Chinese-English side-by-side translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must do so under the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me): StackOverflow. Original URL: http://stackoverflow.com/questions/18453580/

Time: 2020-08-07 00:40:41  Source: igfitidea

Tags: linux, unix

Asked by user2579439

How can I extract a log based on a specific time frame? Let's say the issue started between 4pm and 5pm, how can I get that specific log between those times? I can use less or cat or grep but it would not give me the details of the error, sample command:

grep "2013-08-26 16:00:00" sample.log

What is the more precise Linux/Unix command that can do the trick?

Answered by mvp

If you know that issue happened between 4 and 5 pm, you can use this:

grep "2013-08-26 16:" sample.log | less

If you need some lines around that issue, add option -N to grep (context of N lines), something like that:

grep -3 "2013-08-26 16:" sample.log | less

If you know that your event contained some specific word, you can filter it more using one more grep:

grep -3 "2013-08-26 16:" sample.log | grep somethingelse

Answered by Alexander Yancharuk

For viewing ERROR log messages between 16:00:00 and 17:00:00 use:

grep -nP '2013-08-15 16:.+ERROR' sample.log | less

If you have multiline messages in the log you can use the -A n and -B n params to add, for each output string, n lines after or before:

3 lines before and after each line:

grep -A 3 -B 3 -nP '2013-08-15 16:.+ERROR' sample.log | less

Shorthand for the same:

grep -3 -nP '2013-08-15 16:.+ERROR' sample.log | less
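
Added example (not part of either answer above): a fixed -N context can cut a long stack trace short or pull in unrelated neighbouring entries, so this awk filter keeps every record whose timestamp falls in a window together with its untimestamped continuation lines. The function names log_window and make_sample_log, the sample log, and the assumption that every record starts with a YYYY-MM-DD HH:MM:SS timestamp are mine.

```shell
#!/bin/sh
# Added example: print every log record whose timestamp is in [LO, HI),
# including continuation lines (e.g. stack traces) that carry no timestamp.
# Assumption: each record starts with "YYYY-MM-DD HH:MM:SS"; that format
# sorts lexically, so plain string comparison orders it correctly.

log_window() {
    # usage: log_window LO HI [FILE]   (reads stdin when FILE is omitted)
    awk -v lo="$1" -v hi="$2" '
        # A line that begins with a timestamp starts a new record.
        /^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]/ {
            ts = substr($0, 1, 19)
            inside = (ts >= lo && ts < hi)
        }
        # Lines without a timestamp inherit the state of the record above.
        inside { print }
    ' "${3:--}"
}

# Constructed sample log (not real data).
make_sample_log() {
    cat <<'EOF'
2013-08-26 15:59:58 INFO  request ok
2013-08-26 16:00:03 ERROR db connection lost
    at Pool.acquire(pool:42)
    at Handler.run(handler:17)
2013-08-26 16:41:10 WARN  retrying
2013-08-26 17:00:00 INFO  recovered
    note: continuation line outside the window
EOF
}

# Everything logged from 16:00:00 up to, but not including, 17:00:00.
make_sample_log | log_window "2013-08-26 16:00:00" "2013-08-26 17:00:00"
```

With a real file, pass it as the third argument: log_window "2013-08-26 16:00:00" "2013-08-26 17:00:00" sample.log | less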