1. 将某个时间段的nginx的access.log日志进行收集
access.log日志为:
10.0.0.1 - - [14/May/2020:16:25:15 +0800] "GET /undefined HTTP/1.1" 404 153 "http://10.0.0.127:8801/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Core/1.63.6735.400 QQBrowser/10.2.2614.400" "-"
10.0.0.1 - - [14/May/2020:16:25:25 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Core/1.63.6735.400 QQBrowser/10.2.2614.400" "-"
10.0.0.1 - - [14/May/2020:16:25:28 +0800] "GET /undefined HTTP/1.1" 404 153 "http://10.0.0.127:8801/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Core/1.63.6735.400 QQBrowser/10.2.2614.400" "-"
思路:怎么进行时间段的比较,怎么将该时间段内产生日志的行号记录下来,怎么通过行号进行收集
解决:
(1)通过查找awk命令发现,它里面可以让格式一定的时间戳进行对比,而且能通过-v传变量,但是在执行过程中像bash 1.sh 1 2
不能将$1、$2传入一条命令的第二个awk的变量中;
(2)#sed –n 数字+p 1.txt 则可以对特定行号的内容打印出来
于是有方式一:
cat x.sh
#!/bin/bash
fx() {
cat /usr/'local'/nginx/logs/access.log |awk