删除web服务器日志文件中超过X天的行?
删除web服务器日志文件中超过X天的行?
提问于 2018-02-11 21:45:06
我使用默认的“main”日志格式在Ubuntu上运行Nginx,它产生的输出如下:
95.108.181.102 - - [11/Feb/2018:11:43:10 +0000] "GET /blog/ HTTP/1.1" 200 4438 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" "-"
我有一个从不旋转的主日志文件,与GoAccess (日志解析/报告软件)一起使用。我希望删除该文件中日志条目超过30天的行。这能做到吗,最好是用一条巴什单线?
我计划将此添加到现有的每日cronjob中,以生成一份滚动的30天报告。我希望使用类似这样的东西,但我无法完全正确地解析日志:sed -i '/ --date="-30 days"/d' example.log
回答 1
Unix & Linux用户
回答已采纳
发布于 2018-02-11 22:33:41
GNU awk解决方案:
样本test.log:
95.108.181.102 - - [11/Feb/2018:11:43:10 +0000] "GET /blog/ HTTP/1.1" 200 4438 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" "-"
95.108.181.102 - - [11/Aug/2017:11:43:10 +0000] "GET /blog/ HTTP/1.1" 200 4438 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" "-"
95.108.181.102 - - [01/Jan/2018:11:43:10 +0000] "GET /blog/ HTTP/1.1" 200 4438 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" "-"
95.108.181.102 - - [11/Feb/2018:11:43:10 +0000] "GET /blog/ HTTP/1.1" 200 4438 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" "-"awk -v m1_ago=$(date -d"-1 month" +%s) \
'BEGIN{
split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", month);
for (i in month) m_nums[month[i]] = i
}
{ split(substr($4,2), a, "[/:]") }
mktime(sprintf("%d %d %d %d %d %d", a[3], m_nums[a[2]], a[1], a[4], a[5], a[6])) > m1_ago
' test.log > tmp_log && mv tmp_log test.log最终test.log内容:
95.108.181.102 - - [11/Feb/2018:11:43:10 +0000] "GET /blog/ HTTP/1.1" 200 4438 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" "-"
95.108.181.102 - - [11/Feb/2018:11:43:10 +0000] "GET /blog/ HTTP/1.1" 200 4438 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" "-"页面原文内容由Unix & Linux提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://unix.stackexchange.com/questions/423462
复制相关文章
相似问题
腾讯云开发者
