本文讨论了如何在Linux环境中处理连续数据流,特别是如何使用grep、awk和sed工具实时过滤和处理日志或其他流式数据。通过示例展示了在数据流中使用grep的限制,推荐使用awk进行实时处理,并提到了sed作为流编辑器的适用场景。此外,还介绍了如何结合tail命令和标志来跟踪文件变化并捕获特定匹配项。
本文翻译自:How to 'grep' a continuous stream?
Is that possible to use grep on a continuous stream? 可以在连续流上使用grep吗?
What I mean is sort of a tail -f <file> command, but with grep on the output in order to keep only the lines that interest me. 我的意思是有点tail -f <file>命令,但是在输出中使用grep以便仅保留我感兴趣的行。
I've tried tail -f <file> | grep pattern 我已经试过tail -f <file> | grep pattern tail -f <file> | grep pattern but it seems that grep can only be executed once tail finishes, that is to say never. tail -f <file> | grep pattern但似乎只能在tail完成后才执行grep ,也就是说永远不会执行。
#1楼
参考:https://stackoom.com/question/U37F/如何-grep-连续流
#2楼
Use awk(another great bash utility) instead of grep where you dont have the line buffered option! 如果没有行缓冲选项,请使用awk(另一个出色的bash实用程序)代替grep! It will continuously stream your data from tail. 它将持续从尾部流式传输您的数据。
this is how you use grep 这就是你使用grep的方式
tail -f <file> | grep pattern
This is how you would use awk 这就是你使用awk的方式
tail -f <file> | awk '/pattern/{print $0}'
#3楼
In most cases, you can tail -f /var/log/some.log |grep foo and it will work just fine. 在大多数情况下,您可以在tail -f /var/log/some.log |grep foo ,它将正常工作。
If you need to use multiple greps on a running log file and you find that you get no output, you may need to stick the --line-buffered switch into your middle grep(s), like so: 如果您需要在运行中的日志文件上使用多次抓取,但发现没有任何输出,则可能需要将--line-buffered开关粘贴到中间的 grep中,如下所示:
tail -f /var/log/some.log | grep --line-buffered foo | grep bar
#4楼
you may consider this answer as enhancement .. usually I am using 您可能会将此答案视为增强..通常我正在使用
tail -F <fileName> | grep --line-buffered <pattern> -A 3 -B 5
-F is better in case of file rotate (-f will not work properly if file rotated) -F在文件旋转的情况下更好(如果文件旋转,-f将无法正常工作)
-A and -B is useful to get lines just before and after the pattern occurrence .. these blocks will appeared between dashed line separators -A和-B对于在模式发生之前和之后获取行很有用..这些块将出现在虚线分隔符之间
But For me I prefer doing the following 但对我来说,我更喜欢执行以下操作
tail -F <file> | less
this is very useful if you want to search inside streamed logs. 如果要在流式日志中进行搜索,这将非常有用。 I mean go back and forward and look deeply 我的意思是来回向前看
#5楼
sed would be a better choice ( stream editor) sed是更好的选择( 流编辑器)
tail -n0 -f <file> | sed -n '/search string/p'
and then if you wanted the tail command to exit once you found a particular string: 然后,如果您希望在找到特定字符串后退出tail命令:
tail --pid=$(($BASHPID+1)) -n0 -f <file> | sed -n '/search string/{p; q}'
Obviously a bashism: $BASHPID will be the process id of the tail command. 显然是一种批评:$ BASHPID将是tail命令的进程ID。 The sed command is next after tail in the pipe, so the sed process id will be $BASHPID+1. sed命令位于管道尾部之后,因此sed进程ID为$ BASHPID + 1。
#6楼
If you want to find matches in the entire file (not just the tail), and you want it to sit and wait for any new matches, this works nicely: 如果您想在整个文件中查找匹配项(而不仅仅是尾部),并且希望它坐下来等待任何新的匹配项,则效果很好:
tail -c +0 -f <file> | grep --line-buffered <pattern>
The -c +0 flag says that the output should start 0 bytes ( -c ) from the beginning ( + ) of the file. -c +0标志表示输出应从文件的开头( + )开始0个字节( -c )。
扫一扫
3515
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
