Shell AWK只打印有点的行

如何仅打印第5列中包含点（

）的行，并删除末尾的冒号（

：

）

我希望避免在

|

中重复使用awk，而希望使用单个

awk

这是我用

awk

$ awk '{a[$5]++;} END{for(i in a) print a[i]"  "i}' netappev.logs
4  wafl.vol.full:
5
3  sis.changelog.full:
1  17:58:41
1  using
1  "event
21  vifmgr.bcastDomainPartition:
4  wafl.mirror.access.denied:
76  secd.authsys.lookup.failed:
7  wafl.vol.runningOutOfInodes:

仅使用

grep

打印带有点（

）的行的一种方法：

$ awk '{a[$5]++;} END{for(i in a) print a[i]"  "i}' netappev.logs | grep \\.
4  wafl.vol.full:
3  sis.changelog.full:
21  vifmgr.bcastDomainPartition:
4  wafl.mirror.access.denied:
76  secd.authsys.lookup.failed:
7  wafl.vol.runningOutOfInodes:

再次使用

|

和

AWK

删除冒号（

：

）

$ awk '{a[$5]++;} END{for(i in a) print a[i]"  "i}' netappev.logs | grep \\. | awk -F: '{print $1}'
4  wafl.vol.full
3  sis.changelog.full
21  vifmgr.bcastDomainPartition
4  wafl.mirror.access.denied
76  secd.authsys.lookup.failed
7  wafl.vol.runningOutOfInodes

编辑： @Ed Morton在评论中询问的原始数据

Last login time: 2/19/2021 17:58:41
Time                Node             Severity      Event
------------------- ---------------- ------------- ---------------------------
2/19/2021 22:32:16  ksg6007          ERROR         vifmgr.bcastDomainPartition: Broadcast domain KSGI_mgmt-38 is partitioned into 2 groups on node ksg6007. The different groups are: {a0a-38}, {e0M}. LIFs hosted on the ports in this broadcast domain may be at the risk of seeing connectivity issues.
2/19/2021 22:31:31  ksg6013          ERROR         wafl.vol.runningOutOfInodes: The file system on Volume tpv6010_ida_ipdev_workareas@vserver:577ffe3f-4d04-11e7-92cf-00a098c5e37c is using 80 percent or more of the files that can be contained on the volume.
2/19/2021 22:30:03  ksg6005          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (28274) on Vserver (tpv6009) for client with IP address (10.137.170.142).
2/19/2021 22:29:52  ksg6007          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (45509) on Vserver (tpv6011) for client with IP address (10.137.170.112).
2/19/2021 22:29:52  ksg6014          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (45509) on Vserver (tpv6011) for client with IP address (10.137.170.112).
2/19/2021 22:28:37  ksg6006          ERROR         vifmgr.bcastDomainPartition: Broadcast domain KSGI_mgmt-38 is partitioned into 2 groups on node ksg6006. The different groups are: {a0a-38}, {e0M}. LIFs hosted on the ports in this broadcast domain may be at the risk of seeing connectivity issues.
2/19/2021 22:28:01  ksg6008          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (28274) on Vserver (tpv6009) for client with IP address (10.137.170.142).
2/19/2021 22:27:15  ksg6014          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (46537) on Vserver (tpv6010) for client with IP address (10.137.171.26).
2/19/2021 22:27:00  ksg6005          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (35828) on Vserver (tpvtp605) for client with IP address (165.114.117.122).
2/19/2021 22:25:49  ksg6013          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (997) on Vserver (tpv6010) for client with IP address (165.114.118.231).
2/19/2021 22:24:49  ksg6005          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (45509) on Vserver (tpv6010) for client with IP address (10.137.170.112).
2/19/2021 22:24:49  ksg6007          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (45509) on Vserver (tpv6010) for client with IP address (10.137.170.112).
2/19/2021 22:24:49  ksg6008          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (45509) on Vserver (tpv6011) for client with IP address (10.137.170.112).
2/19/2021 22:23:49  ksg6008          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (46537) on Vserver (tpv6010) for client with IP address (10.137.171.26).
2/19/2021 22:23:49  ksg6013          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (46537) on Vserver (tpv6010) for client with IP address (10.137.171.26).
2/19/2021 22:23:47  ksg6005          ERROR         vifmgr.bcastDomainPartition: Broadcast domain KSGI_mgmt-38 is partitioned into 2 groups on node ksg6005. The different groups are: {a0a-38}, {e0M}. LIFs hosted on the ports in this broadcast domain may be at the risk of seeing connectivity issues.
2/19/2021 22:23:35  ksg6008          ERROR         vifmgr.bcastDomainPartition: Broadcast domain KSGI_mgmt-38 is partitioned into 2 groups on node ksg6008. The different groups are: {a0a-38}, {e0M}. LIFs hosted on the ports in this broadcast domain may be at the risk of seeing connectivity issues.
2/19/2021 22:22:37  ksg6007          ALERT         wafl.vol.full: Insufficient space on volume tpv6009_scratch001@vserver:41dd0809-477f-11e7-92cf-00a098c5e37c to perform operation. 8.00KB was requested but only 1.00KB was available.
2/19/2021 22:22:35  ksg6013          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (46329) on Vserver (tpv6009) for client with IP address (165.114.116.50).
2/19/2021 22:21:12  ksg6006          ERROR         wafl.mirror.access.denied: Access to SnapMirror volume 'tpv6010_da' was denied because SnapMirror initialization was not complete (exported Snapshot copy identifier '0' is invalid).
2/19/2021 22:21:04  ksg6014          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (46537) on Vserver (tpv6009) for client with IP address (165.114.118.133).
2/19/2021 22:21:02  ksg6005          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (46709) on Vserver (tpv6009) for client with IP address (10.137.169.63).
2/19/2021 22:21:02  ksg6005          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (46329) on Vserver (tpv6011) for client with IP address (10.137.170.238).
2/19/2021 22:20:58  ksg6007          ERROR         vifmgr.bcastDomainPartition: Broadcast domain KSGI_mgmt-38 is partitioned into 2 groups on node ksg6007. The different groups are: {a0a-38}, {e0M}. LIFs hosted on the ports in this broadcast domain may be at the risk of seeing connectivity issues.
2/19/2021 22:20:02  ksg6005          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (46329) on Vserver (tpv6010) for client with IP address (10.137.170.238).
2/19/2021 22:19:43  ksg6013          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (46709) on Vserver (tpv6011) for client with IP address (10.137.169.63).
2/19/2021 22:19:08  ksg6013          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (994) on Vserver (tpv6011) for client with IP address (165.114.116.101).
2/19/2021 22:19:02  ksg6008          ERROR         secd.authsys.lookup.failed: Unable to retrieve credentials for UNIX user with UID (45509) on Vserver (tpv6009) for client with IP address (10.137.170.112).

---

对于您显示的尝试，请尝试以下内容，因为没有提供样本，所以无法测试它

awk '{a[$5]++} END{for(i in a){if(i~/\./){print a[i]"  "i}}}' Input_file

解释：基本上是在您尝试的程序的

END

块中添加一个额外的检查，以检查变量i是否包含点，然后只打印它们，否则不打印

要处理冒号（根据所示的尝试，在第一个冒号之前获取值），还可以尝试以下操作：我也可以对变量I使用替换，但如果您可能需要进一步使用它，那么我将使用

split

。用

分隔符拆分其值：

并打印其第一个值。这也没有考虑到冒号总是排在最后

awk '{a[$5]++} END{for(i in a){if(i~/\./){split(i,arr,":");print a[i]"  "arr[1]}}}' Input_file

或者使用

sub

：根据OP的评论，考虑到冒号将始终位于值的最后一个，在此处添加此变量

awk '{a[$5]++} END{for(i in a){if(i~/\./){sub(/:$/,"",i);print a[i]"  "i}}}' Input_file

如何用删除不包含点（

）的行。
其次，从每一行中删除冒号（

：

），正如我们在末尾看到的那样

您可以尝试此

awk

：

awk-v OFS='\t''
{
子（/：$/，“”，$5）
a[$5]++
}
结束{
为了（我在a）
如果（索引（i，“.”）
打印a[i]，i
}“netappev.log

这应该可以

awk '$5~/\./ {sub(/:$/,"",$5); a[$5]++} 
     END     {for(i in a) print a[i] "  " i}' file

删除

：

计数后可能会产生不需要的结果，假设您有text:和text，它们将显示为两行

如果不想多次引用同一字段，请在第一次使用时将其指定给变量

awk '(k=$5)~/\./ {sub(/:$/,"",k); a[k]++} 
     END         {for(k in a) print a[k] "  " k}' file

---

从您发布的数据块来看，这似乎是您试图做的事情，但如果没有相关的预期输出，这只是一个猜测：

$ awk -F'[: ]+' 'NF>7{print $7}' file | sort | uniq -c
     20 secd.authsys.lookup.failed
      5 vifmgr.bcastDomainPartition
      1 wafl.mirror.access.denied
      1 wafl.vol.full
      1 wafl.vol.runningOutOfInodes

或者如果您只喜欢awk：

$ awk -F'[: ]+' 'NF>7{cnt[$7]++} END{for (i in cnt) print cnt[i], i}' file
1 wafl.vol.full
5 vifmgr.bcastDomainPartition
20 secd.authsys.lookup.failed
1 wafl.mirror.access.denied
1 wafl.vol.runningOutOfInodes

---

非常感谢，这很有效，但是我们可以添加以删除

：

吗？@kulfi，欢迎您，请尝试我编辑的代码，并让我知道这是否对您有帮助？再次非常感谢，它工作得很好，但什么是“我也可以对变量使用替换”，如果你也能展示出这一点，那么对未来的游客来说也可能是好事。@kulfi，我当然也加入了这个解决方案，干杯，快乐学习。它会保持报告的计数不变，因为没有重新缩放，它应该是一样的。啊，你说得对，傻我，我想得太多了++谢谢Karakfa，很好的一个，然而，我们多次调用

$5

，但很优雅。@kulfi，没有“调用”，它是一个字段引用，但是的，多次调用。请查看备选方案。感谢Anubhava，您能否解释一下

（索引（i，“.”

索引

是执行字符串搜索的函数（非正则表达式，速度更快）。在这里，它搜索变量

i

中

的第一个位置。如果找不到，它将返回位置或

0

。谢谢。我知道这一点，但键入了一个错误。如果您的问题包含简洁、可测试的样本输入和预期输出，那么我们可以为您提供最好的帮助。请参阅。始终尝试思考和表达您的需求用肯定而不是否定的术语，例如，不要

删除没有点的行

，你可以说

只打印有点的行

。这样可以使要求更加明确，避免双重否定潜入，并避免需求的否定渗透到代码中，使代码变得复杂ed也是。@EdMorton，非常感谢你的投入，我总是遵循你的好技巧，所以，我刚刚编辑了我的问题，我试图从语法上重新表述我的帖子，但是作为非英语母语的人，我的英语没有很好的流畅性。不客气。我没有要求原始数据，不过，我要求的是一个简洁、可测试的样本投入nd预期输出-您提供的原始数据不是演示您的需求所需的一组模拟输入，并且给定该输入的预期输出仍然缺失，因此您提供的不是一个。感谢Ed Morton抽出时间提供您的答案+1，一如既往。