Linux 使用cut或Awk的特定字段
如何从直线上剪切特定字段 问题是我不能使用Linux 使用cut或Awk的特定字段,linux,bash,Linux,Bash,如何从直线上剪切特定字段 问题是我不能使用cut-d'-f1,2,3,4,5,9,10,11,12,13,14,因为字段发生了变化 假设我有一个名为/var/log/test的文件,文件中的一行如下所示: Apr 12 07:48:11 172.89.92.41 %ASA-5-713120: Group = People, Username = james.robert, IP = 219.89.259.32, PHASE 2 COMPLETED (msgid=9a4ce822) 我只需要获得
cut-d'-f1,2,3,4,5,9,10,11,12,13,14Apr 12 07:48:11 172.89.92.41 %ASA-5-713120: Group = People, Username = james.robert, IP = 219.89.259.32, PHASE 2 COMPLETED (msgid=9a4ce822)
grep "james" /var/log/tes | cut -d ' ' -f 1,2,3,4,5,9,10,11,12,13,14
awk -F'[ ,]' '$12~/username/{print $1,$2,$3,$12}' /var/log/test
Apr 8 12:16:13 172.24.32.1 %ASA-6-713228: Group = people, Username = marry.tarin, IP = 209.157.190.11, Assigned private IP address 192.168.237.38 to remote user
您可以使用
awksubstr()length()awk -F"," '{print substr($1,1,15), substring($3, 13, length($3)-12)}' /var/log/test
您可以使用
awksubstr()length()awk -F"," '{print substr($1,1,15), substring($3, 13, length($3)-12)}' /var/log/test
如果您的文件结构一致
awk -F'[ ,]' '{print $1,$2,$3,$12}' file
Apr 12 07:48:11 james.robert
$ awk -F'[ ,]' '$12~/james/{print $1,$2,$3,$12}' file
Apr 12 07:48:11 james.robert
$ awk -F' +|,' '{print $1,$2,$3,$12}' file
Apr 12 07:48:11 james.robert
Apr 8 12:16:13 marry.tarin
-F'+|,'/pattern/$12~/pattern/tolower()$ awk -F' +|,' 'tolower($12)~/patterninlowercase/{print $1,$2,$3,$12}' file
如果您的文件结构一致
awk -F'[ ,]' '{print $1,$2,$3,$12}' file
Apr 12 07:48:11 james.robert
$ awk -F'[ ,]' '$12~/james/{print $1,$2,$3,$12}' file
Apr 12 07:48:11 james.robert
$ awk -F' +|,' '{print $1,$2,$3,$12}' file
Apr 12 07:48:11 james.robert
Apr 8 12:16:13 marry.tarin
-F'+|,'/pattern/$12~/pattern/tolower()$ awk -F' +|,' 'tolower($12)~/patterninlowercase/{print $1,$2,$3,$12}' file
sedsed -r 's/^([A-Za-z]{3} [0-9]{1,2} [0-9]{2}:[0-9]{2}:[0-9]{2}).*(Username = [^,]*).*/\1 \2/g' file
sedsed -r 's/^([A-Za-z]{3} [0-9]{1,2} [0-9]{2}:[0-9]{2}:[0-9]{2}).*(Username = [^,]*).*/\1 \2/g' file
gawkawk '{u=gensub(/.*(Username = [^,]*).*/,"\\1","g",$0);if ( u ~ "james") {print u,$1,$2,$3}}' file
gawkawk '{u=gensub(/.*(Username = [^,]*).*/,"\\1","g",$0);if ( u ~ "james") {print u,$1,$2,$3}}' file
以下perl将打印由选项卡分隔的日期和用户名。将其他有效用户名字符添加到
[\w.]perl -ne '
print $+{date}, "\t", $+{user}, "\n" if
/^(?<date>([^\s]+\s+){2}[^\s]+).*\bUsername\s*=\s*(?<user>[\w.]+)/
'
perl-ne'
打印$+{date},“\t”、$+{user},“\n”如果
/^(?([^\s]+\s+{2}[^\s]+).*\bUsername\s*=\s*(?[\w.]+)/
'
允许不同数量的制表符和空格。以下perl将打印由制表符分隔的日期和用户名。将其他有效用户名字符添加到
[\w.]perl -ne '
print $+{date}, "\t", $+{user}, "\n" if
/^(?<date>([^\s]+\s+){2}[^\s]+).*\bUsername\s*=\s*(?<user>[\w.]+)/
'
perl-ne'
打印$+{date},“\t”、$+{user},“\n”如果
/^(?([^\s]+\s+{2}[^\s]+).*\bUsername\s*=\s*(?[\w.]+)/
'
允许使用不同数量的制表符和空格。这给了我一个错误。这甚至会尝试在哪里匹配用户名?这里的假设不是逗号的位置是一致的,因此您的
username=用户名=