1. 首頁
  2. 問答
  3. 監視應用程序日誌並提取錯誤計數

監視應用程序日誌並提取錯誤計數

2014-09-04 29 views
0

我對Unix命令非常陌生,並且想知道下面的操作腳本。監視應用程序日誌並提取錯誤計數

  1. 需要閱讀應用程序日誌並在過去的半小時內拉出所有錯誤。
  2. 獲取每個錯誤的唯一計數。
  3. 將錯誤計數郵寄給團隊。

已採取的步驟: 我已經使用grep for關鍵字錯誤讀取文件,並將其寫入單獨的文件。 給予文件許可。

感謝您的幫助。

代碼段:

#!/bin/sh 
cd Service/apache-tomcat-7.0.33/logs 
for file in catalina.out; do 
grep "ERROR" $file >error.txt 
done 
chmod 0777 error.txt

抽樣日誌

2014-09-03 16:45:36,814 ERROR xxxService: Could not find tool with id 365 intable: 
2014-09-03 16:45:56,444 ERROR yyyService: summary counts not returned from accessor for xxxx, 1, mapParams 
2014-09-03 16:45:56,444 ERROR yyyService: summary counts not returned from accessor for xxxx, 2, mapParams 
2014-09-03 16:45:56,445 ERROR yyyService: summary counts not returned from accessor for xxxx, 3, mapParams 
2014-09-03 16:45:56,445 ERROR yyyService: summary counts not returned from accessor for xxxx, 4, mapParams 
2014-09-03 16:45:56,445 ERROR yyyService: summary counts not returned from accessor for xxxx, 5, mapParams 
2014-09-03 16:46:00,077 ERROR yyyService: summary counts not returned from accessor for xxxx, 1, mapParams 
2014-09-03 16:46:00,078 ERROR yyyService: summary counts not returned from accessor for xxxx, 2, mapParams 
2014-09-03 16:46:00,078 ERROR yyyService: summary counts not returned from accessor for xxxx, 3, mapParams 
2014-09-03 16:46:00,078 ERROR yyyService: summary counts not returned from accessor for xxxx, 4, mapParams 
2014-09-03 16:46:00,079 ERROR yyyService: summary counts not returned from accessor for xxxx, 5, mapParams 
2014-09-03 16:46:05,415 ERROR yyyService: summary counts not returned from accessor for xxxx, 1, mapParams 
2014-09-03 16:46:05,416 ERROR yyyService: summary counts not returned from accessor for xxxx, 2, mapParams 
2014-09-03 16:46:05,416 ERROR yyyService: summary counts not returned from accessor for xxxx, 3, mapParams 
2014-09-03 16:46:05,416 ERROR yyyService: summary counts not returned from accessor for xxxx, 4, mapParams 
2014-09-03 16:46:05,417 ERROR yyyService: summary counts not returned from accessor for xxxx, 5, mapParams 
2014-09-03 16:46:59,881 ERROR yyyService: summary counts not returned from accessor for xxxx, 5, mapParams 
2014-09-03 16:47:03,109 ERROR ErrorManager: 1409780823108: A General Exception Occurred 
    null 
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) 
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) 
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) 

Error Message Count 
ERROR xxxService: Could not find tool with id 365 intable: 1 
ERROR yyyService: summary counts not returned from accessor for xxxx, 1, mapParams 3 
ERROR yyyService: summary counts not returned from accessor for xxxx, 2, mapParams 3 
ERROR yyyService: summary counts not returned from accessor for xxxx, 3, mapParams 3 
ERROR yyyService: summary counts not returned from accessor for xxxx, 4, mapParams 3 
ERROR yyyService: summary counts not returned from accessor for xxxx, 5, mapParams 4 
ERROR ErrorManager: 1409780823108: A General Exception Occurred 1

來源

2014-09-04 Vigneshwaran

+0

請提供日誌文件的樣本輸出,包括一些線路是錯誤,還有一些不是。 – lxg 2014-09-04 19:14:59

+0

@lxg:感謝您寶貴的時間閱讀我的疑問,並提供您現在需要的信息。再次感謝 – Vigneshwaran 2014-09-04 20:23:41

+0

哪些信息表明錯誤的類型? (你說你想按錯誤類型對它進行分組。)是xxxService/yyyService列嗎? – lxg 2014-09-04 21:05:44

回答

0

我真的不能寫一個完整的腳本,因爲我並不完全清楚自己想要什麼,但這裏有一個策略。

  1. grep文件的字符串'錯誤'(看起來你已經這樣做了)。
  2. 使用'cut -d''-f4提取第四個空格分隔的字段(yyyService)。
  3. 將輸出管道排序,然後uniq -c獲取計數。
  4. 管這樣的結果爲「郵件」

所以,你最終的東西是這樣的:

grep ERROR /shipmentService/apache-tomcat-7.0.33/logs/catalina.out | cut -d ' ' -f4 | sort | uniq -c | mail -s "This is the subject" [email protected]

來源

2014-09-04 21:38:25

+0

感謝您分享此腳本。你如何獲得最後30分鐘的日誌。 – Vigneshwaran 2014-09-05 14:28:54

+0

這部分我不太確定 - 也許你可以預處理文件,提取時間戳並在'30分鐘前'取回所有內容。然後將該文件傳入我的代碼上面? – 2014-09-05 15:09:56

相關問題

 相關問題