我正在執行一個UNIX腳本,它檢查一個日誌文件並輸出發生Web連接的主機。我用下面的腳本實現這一點UNIX腳本日期提取
if [ "$1" = "hosts" ]; then
grep "$2" $logs | awk '{print $1}' | uniq > templist
lines=`wc templist | awk '{print $1}'`
while [ "$number" -le "$lines" ]
do
hostip=`sed -n "$number p" templist`
`nslookup -sil "$hostip" | grep -i "name" | awk '{print $4}' >> lookup`
number=`expr $number + 1`
done
echo " "
echo " Host IP Address "
echo " --------------- "
paste templist lookup
rm lookup
rm templist
exit 1
fi
但是,由我我無法弄清楚如何輸出日期以及。我試着沿着線的東西:
if [ "$1" = "hostsdate" ]; then
grep "$2" $logs | awk '{print $1}'| uniq > templist
grep "$2" $logs | awk '{print $4,$5}'| uniq > datelist
lines=`wc templist | awk '{print $1}'`
while [ "$number" -le "$lines" ]
do
hostip=`sed -n "$number p" templist`
`nslookup -sil "$hostip" | grep -i "name" | awk '{print $4}' >> lookup`
number=`expr $number + 1`
done
echo " "
echo " Access Date Host IP Address Host Name "
echo " --------------------------------------------------------- "
paste templist lookup >final
paste datelist final
rm lookup
rm templist
rm final
rm datelist
exit 1
fi
但沒有工作....我與如下工作日誌文件的格式:
153.35.83.237 - - [05/Oct/1997:01:10:48 +0100]「GET /User/GNJames/netzee/Dice.class HTTP/1.0」304 -
153.35.83.237 - - [05/Oct/1997 :01:10:49 +0100]「GET /User/GNJames/netzee/Board.class HTTP/1.0」304 -
153.35.83.237 - - [05/Oct/1997:01:10:50 + 0100]「GET /User/GNJames/netzee/Title.class HTT P/1.0「304 -
153.35.83.237 - [05/Oct/1997:01:10:51 +0100]」GET /User/GNJames/netzee/JavaButton.class HTTP/1.0「304 -
任何幫助將不勝感激!
非常感謝,我試圖減少查找次數。我採用第一種方法。另外我注意到你使用主機而不是nslookup。那是爲了解決nslookup地址解析錯誤? – 2010-11-17 22:54:37
我使用主機只是因爲它的默認輸出更容易解析,因爲它只是踢出一行:-) – 2010-11-17 23:53:21