如何按月拆分现有apache日志文件?
如何按月将现有apache日志文件拆分为单独的文件 我在网上搜遍了,什么也找不到。是的,我知道logrotate和cronolog以及所有这些。但我发现没有任何东西可以帮助我分割现有文件 有awk脚本或其他什么吗 以下是一段数据:如何按月拆分现有apache日志文件?,apache,awk,Apache,Awk,如何按月将现有apache日志文件拆分为单独的文件 我在网上搜遍了,什么也找不到。是的,我知道logrotate和cronolog以及所有这些。但我发现没有任何东西可以帮助我分割现有文件 有awk脚本或其他什么吗 以下是一段数据: 124.115.5.11 - - [30/May/2011:23:21:37 -0500] "GET / HTTP/1.0" 200 206492 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
124.115.5.11 - - [30/May/2011:23:21:37 -0500] "GET / HTTP/1.0" 200 206492 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322;TencentTraveler)"
58.61.164.39 - - [31/May/2011:00:36:35 -0500] "GET / HTTP/1.0" 200 206492 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322;TencentTraveler)"
114.80.93.55 - - [31/May/2011:01:42:17 -0500] "GET / HTTP/1.0" 200 206492 "-" "Sosospider+(+http://help.soso.com/webspider.htm)"
114.80.93.73 - - [31/May/2011:02:03:44 -0500] "GET / HTTP/1.0" 200 206492 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322;TencentTraveler)"
123.125.71.98 - - [31/May/2011:12:33:30 -0500] "GET / HTTP/1.1" 103 24576 "-" "Baiduspider+(+http://www.baidu.com/search/spider.htm)"
220.181.108.187 - - [31/May/2011:12:33:55 -0500] "GET / HTTP/1.1" 103 24576 "-" "Baiduspider+(+http://www.baidu.com/search/spider.htm)"
123.125.71.117 - - [31/May/2011:13:27:56 -0500] "GET / HTTP/1.1" 103 24576 "-" "Baiduspider+(+http://www.baidu.com/search/spider.htm)"
123.125.71.78 - - [31/May/2011:16:45:48 -0500] "GET /node/54 HTTP/1.1" 200 3219 "-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)"
124.115.1.8 - - [31/May/2011:19:59:58 -0500] "GET / HTTP/1.1" 200 206492 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
123.125.71.69 - - [31/May/2011:22:05:46 -0500] "GET / HTTP/1.1" 200 206492 "-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)"
以下是我的解决方案,深受Steve以下答案的启发:
单向使用
awkawk 'BEGIN {
split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec ", months, " ")
for (a = 1; a <= 12; a++)
m[months[a]] = a
}
{
split($4,array,"[:/]");
year = array[3]
month = sprintf("%02d", m[array[2]])
print > FILENAME"-"year"_"month".txt"
}' incendiary.ws-2009
awk '{ split($4,array,"/"); print > array[2] ".txt" }' file.txt
原始灵感:单向使用
awkawk 'BEGIN {
split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec ", months, " ")
for (a = 1; a <= 12; a++)
m[months[a]] = a
}
{
split($4,array,"[:/]");
year = array[3]
month = sprintf("%02d", m[array[2]])
print > FILENAME"-"year"_"month".txt"
}' incendiary.ws-2009
awk '{ split($4,array,"/"); print > array[2] ".txt" }' file.txt
incendiary.ws-2010-2010_04.txt
incendiary.ws-2010-2010_05.txt
incendiary.ws-2010-2010_06.txt
incendiary.ws-2010-2010_07.txt
May.txt
June.txt
July.txt
etc
May2011.txt
May2012.txt
July2011.txt
etc
awk '{ split($4,array,"[:/]"); print > array[2] array[3] ".txt" }' file.txt
incendiary.ws-2010-2010_04.txt
incendiary.ws-2010-2010_05.txt
incendiary.ws-2010-2010_06.txt
incendiary.ws-2010-2010_07.txt
May.txt
June.txt
July.txt
etc
May2011.txt
May2012.txt
July2011.txt
etc
了解awk(或其他:)的人可能不一定知道或有权访问您试图操纵的数据文件,如果您能提供一些输入/输出对,以显示您正在使用的内容/如果可能的话想要获得的内容,那将是很好的。我已经实现了您的优秀建议。我已经修改了您的算法,使格式为FILENAME-yyy\u MM。我把它塞进了我的问题里。