date显示格式化记录
2017-11-28 本文已影响16人
Lee_M
由于现系统是中文所以显示的时间格式为中文
[root@h01 test]# date
2017年 11月 28日 星期二 22:57:29 CST
由于需要匹配的日志时间显示的为英文的
[root@zabbix test]# tail -f host.access.log
28/Nov/2017:18:45:05 +0800, - 172.16.60.43, "GET / HTTP/1.1", 403, 168, "-","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0", "-",
28/Nov/2017:18:45:06 +0800, - 172.16.60.43, "GET / HTTP/1.1", 403, 168, "-","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0", "-",
28/Nov/2017:18:45:06 +0800, - 172.16.60.43, "GET / HTTP/1.1", 403, 168, "-","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0", "-",
28/Nov/2017:18:45:06 +0800, - 172.16.60.43, "GET / HTTP/1.1", 403, 168, "-","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0", "-",
28/Nov/2017:18:45:16 +0800, - 172.16.60.43, "GET / HTTP/1.1", 403, 168, "-","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0", "-",
29/Nov/2017:05:54:59 +0800, - 172.16.60.43, "GET / HTTP/1.1", 403, 168, "-","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0", "-",
29/Nov/2017:05:54:59 +0800, - 172.16.60.43, "GET / HTTP/1.1", 403, 168, "-","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0", "-",
29/Nov/2017:05:55:59 +0800, - 172.16.60.43, "GET / HTTP/1.1", 403, 168, "-","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0", "-",
29/Nov/2017:06:05:59 +0800, - 172.16.60.43, "GET / HTTP/1.1", 404, 168, "-","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0", "-",
29/Nov/2017:06:06:59 +0800, - 172.16.60.43, "GET / HTTP/1.1", 404, 168, "-","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0", "-",
解决办法:
1、修改系统语言为英文
#vim /etc/sysconfig/i18n
LANGUAGE=en_US.en
参考:http://blog.csdn.net/haiross/article/details/13509657
2、单独指定date显示
加LC_ALL="C" date 即可
[root@h01 default]# date
2017年 11月 28日 星期二 23:13:14 CST
[root@h01 default]# LC_ALL="C" date
Tue Nov 28 23:13:23 CST 2017
测试脚本:
#!/bin/bash
start_time=`LC_ALL="C" date -d"1 minutes ago" +"%d/%b/%Y:%H:%M:%S"`
end_time=`LC_ALL="C" date +"%d/%b/%Y:%H:%M:%S"`
log=/usr/local/nginx-1.5.6/logs/host.access.log
echo $start_time
echo $end_time
echo | awk -F',' '{print $1,$4}' $log | awk -v start=$start_time -v end=$end_time -F ' ' 'start<=$1 && $1<=end && $3~/403|404|408|499|500|502|503/ {print $3}'
结果
[root@h01 test]# ./ngix1.sh
28/Nov/2017:23:16:59
28/Nov/2017:23:17:59
403
过滤日志时间格式与脚本日志格式一致
[root@zabbix test]# tail -f host.access.log |awk -F' ' '{print $1}'
28/Nov/2017:18:45:05
28/Nov/2017:18:45:06
28/Nov/2017:18:45:06
28/Nov/2017:18:45:06
28/Nov/2017:18:45:16
29/Nov/2017:05:54:59
29/Nov/2017:05:54:59
29/Nov/2017:05:55:59
29/Nov/2017:06:05:59
29/Nov/2017:06:06:59
