Python-从日志文件读取10分钟
[英]Python - read 10min from log file
问题描述
I need some tool to read latest 10 minutes entry in my log file, and if some words are logged then print some text. 
我需要一些工具来读取我的日志文件中最近的10分钟条目,并且如果记录了一些单词,则输出一些文本。
log file: 日志文件:
23.07.2014 09:22:11 INFO Logging.LogEvent 0 Failed login test@test.com
23.07.2014 09:29:02 INFO Logging.LogEvent 0 login test@test.com
23.07.2014 09:31:55 INFO Logging.LogEvent 0 login test@test.com
23.07.2014 09:44:14 INFO Logging.LogEvent 0 Failed login test@test.com
if during last 10min some entry = Failed -print ALARM. 如果在最后10分钟内某项=失败-打印警报。
All what i did is find 'Failed' match but i have no idea how to check last 10min in my log file ;/ -any idea?? 我所做的只是找到“失败”的匹配项,但是我不知道如何在日志文件中检查最后10分钟; /-任何想法?
from sys import argv
from datetime import datetime, timedelta
with open('log_test.log', 'r') as f:
for line in f:
try:
e = line.index("Failed")
except:
pass
else:
print(line)
2 个解决方案
解决方案1
0 2014-07-24 12:04:39
Your format %d.%m.%Y is worse than %Y:%m:%d which can be used in string comparison. 您的格式%d.%m.%Y比可用于字符串比较的%Y:%m:%d差。
We also do not know if log is big and if it is sorted. 我们还不知道日志是否很大以及是否已排序。 If it is not sorted (it is common for multithreaded applications) you will have to analyze each line and convert it into datetime: 如果未排序(在多线程应用程序中很常见),则必须分析每一行并将其转换为日期时间:
def get_dt_from_line(s):
return datetime.datetime.strptime(s[:20], '%d.%m.%Y %H:%M:%S')
Then use it as filter (for small files): 然后将其用作过滤器(用于小文件):
MAX_CHECK_TIMEDELTA = datetime.timedelta(minutes=10)
LOG_START_ANALYZE_DATETIME = (datetime.datetime.today() - MAX_CHECK_TIMEDELTA)
lines = [s for s in TXT.split('\n') if 'Failed' in s and get_dt_from_line(s) >= LOG_START_ANALYZE_DATETIME]
print('\n'.join(lines))
For big files you can read file line by line. 对于大文件,您可以逐行读取文件。
If your log file is just for one day you can use string comparison instead of datetime comparison: 如果您的日志文件只有一天的时间,则可以使用字符串比较而不是日期时间比较:
LOG_START_ANALYZE_DATETIME = (datetime.datetime.today() - datetime.timedelta(minutes=10)).strftime('%d.%m.%Y %H:%M:%S')
lines = [s for s in TXT.split('\n') if 'Failed' in s and s >= LOG_START_ANALYZE_DATETIME]
解决方案2
-1 2014-07-24 11:48:14
If I were you, I would lookup line by line, get the timestamp of the first line and then iterate until the difference between the first date and the current one is more than 10 minutes, while counting occurences of the word "Failed". 如果您是我,我将逐行查找,获取第一行的时间戳,然后进行迭代直到第一个日期与当前日期之间的差超过10分钟,同时计算出现“失败”一词的次数。
I think that you'll sort something out with splitting your line following spaces. 我认为您可以通过在空格后分割行来解决问题。 But be careful as if someday, your log format changes, your script is likely not gonna be working too. 但是要小心,好像某天您的日志格式改变了,您的脚本可能也无法正常工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.