如何查询指定时间范围内的日志
-
分类
编程笔记
·
-
发表于 2022-09-27 15:29:43
搞代码的都离不开通过查看日志处理问题;服务器上记录的日志都比较大,不会把整个日志文件拿来分析,通常会截取时间范围内的日志来分析问题,介绍几种查询时间范围日志方法。
处理文件肯定是离不开linux三剑客grep、sed、awk的。
演示截取2点到9点的日志
测试日志文件test.log
,模拟所有2点到11点日志
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
| {"timestamp":"2022-09-27T02:12:59+08:00","level":"debug"} {"timestamp":"2022-09-27T02:14:42+08:00","level":"debug"} {"timestamp":"2022-09-27T02:41:03+08:00","level":"debug"} {"timestamp":"2022-09-27T02:45:59+08:00","level":"debug"} {"timestamp":"2022-09-27T04:35:31+08:00","level":"debug"} {"timestamp":"2022-09-27T04:35:31+08:00","level":"error"} {"timestamp":"2022-09-27T04:35:31+08:00","level":"debug"} {"timestamp":"2022-09-27T04:38:40+08:00","level":"debug"} {"timestamp":"2022-09-27T04:49:55+08:00","level":"debug"} {"timestamp":"2022-09-27T09:21:04+08:00","level":"debug"} {"timestamp":"2022-09-27T09:21:04+08:00","level":"error"} {"timestamp":"2022-09-27T09:21:04+08:00","level":"debug"} {"timestamp":"2022-09-27T09:21:04+08:00","level":"error"} {"timestamp":"2022-09-27T09:21:04+08:00","level":"debug"} {"timestamp":"2022-09-27T09:21:19+08:00","level":"debug"} {"timestamp":"2022-09-27T09:30:30+08:00","level":"debug"} {"timestamp":"2022-09-27T09:30:35+08:00","level":"debug"} {"timestamp":"2022-09-27T09:33:46+08:00","level":"debug"} {"timestamp":"2022-09-27T09:37:02+08:00","level":"debug"} {"timestamp":"2022-09-27T10:29:54+08:00","level":"debug"} {"timestamp":"2022-09-27T10:29:59+08:00","level":"debug"} {"timestamp":"2022-09-27T10:30:02+08:00","level":"debug"} {"timestamp":"2022-09-27T10:30:03+08:00","level":"debug"} {"timestamp":"2022-09-27T10:30:43+08:00","level":"debug"} {"timestamp":"2022-09-27T10:30:44+08:00","level":"debug"} {"timestamp":"2022-09-27T10:30:45+08:00","level":"debug"} {"timestamp":"2022-09-27T10:30:46+08:00","level":"debug"} {"timestamp":"2022-09-27T10:30:48+08:00","level":"debug"} {"timestamp":"2022-09-27T10:56:22+08:00","level":"debug"} {"timestamp":"2022-09-27T11:09:36+08:00","level":"debug"} {"timestamp":"2022-09-27T11:09:41+08:00","level":"debug"}
|
正则方式
grep不支持范围,awk和sed支持范围,三个都支持正则匹配
grep
1 2
| grep '2022-09-27T0[2-9]' test.log # 19条数据
|
awk
1 2
| awk '/2022-09-27T0[2-9]/' test.log # 19条数据
|
sed
1 2
| sed -n '/2022-09-27T0[2-9]/p' test.log # 19条数据
|
范围方式
范围是指匹配第一次出现到第二次出现之间的内容,所以查9点的应该写成截止10点,只会多出10点的一条数据
awk
1 2
| awk '/2022-09-27T02/,/2022-09-27T10/' test.log # 20条数据
|
sed
1 2
| sed -n '/2022-09-27T02/,/2022-09-27T10/p' test.log # 20条数据
|