Python日期时间1970-01-01 07:00:07
[英]Python Datetime 1970-01-01 07:00:07
问题描述
I have code snippet like this: 
我有这样的代码片段:
import re
from datetime import datetime as dt
from pprint import pprint as pp
__lin_regex = "(.*)msg='(.*)'"
events = [
"type=USER_AUTH msg=audit(1565448223.294:46713): pid=4499 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication op-test acct=\"root\" exe=\"/usr/sbin/sshd\" hostname=49.88.112.75 addr=49.88.112.75 terminal=ssh res=failed'"
]
logs = {}
for event in events:
vm_info = ['name', 'id']
results = ''.join(list(re.match(__lin_regex, event).groups()))
split_results = results.split(' ')
split_results_length = len(split_results)
for i in range(0, split_results_length-1):
if split_results[i].find('=') == -1:
split_results[i - 1] = split_results[i - 1] + ' ' + split_results[i]
split_results.remove(split_results[i])
pid = split_results.pop(2).split('=')[1]
if pid not in logs:
logs[pid] = vm_info + [pid] + [item.split('=')[1] for item in split_results]
logs[pid][4] = dt.fromtimestamp(int(float(re.findall("([0-9.]+):", logs[pid][4])[0]))).strftime("%Y-%m-%d %H:%M:%S")
pp(logs)
But when I have large amount of events, their output it 1970-01-01 07:00:07, when I try to print 1000 data still works, but when I print it all it didn't work, any idea? 但是,当我有大量事件时,它们的输出是1970-01-01 07:00:07,当我尝试打印1000个数据时仍然有效,但是当我将其打印时,所有操作均无效,您知道吗?
1 个解决方案
解决方案1
1 2019-09-09 04:00:09
Had a look at your code, and for the sake of it, replaced / added the following lines, which let me do 10,000 events with the same timestamp but different pid's : 看了一下您的代码,为了方便起见,替换/添加了以下几行,这些行使我可以使用相同的时间戳记但使用不同的pid's来执行10,000个事件:
events = [
"type=USER_AUTH msg=audit(1565448223.294:46713): pid=4499 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication op-test acct=\"root\" exe=\"/usr/sbin/sshd\" hostname=49.88.112.75 addr=49.88.112.75 terminal=ssh res=failed'"
] * 10000
for i, event in enumerate(events):
events[i] = event.replace("pid=4499", "pid="+str(4499+i))
The date string output for all 10,000 events was correct, so I think the issue would likely have to do with (a) your regex, or (b) your input data. 所有10,000个事件的日期字符串输出都是正确的,因此我认为问题可能与(a)您的正则表达式或(b)您的输入数据有关。
The way I would debug it, if I were you, is to just use pdb , and look for the example output you're seeing, eg: 如果是您,我调试它的方法是只使用pdb ,然后查找您看到的示例输出,例如:
import pdb
... rest of your code ...
logs[pid][4] = dt.fromtimestamp(int(float(re.findall("([0-9.]+):", logs[pid][4])[0]))).strftime("%Y-%m-%d %H:%M:%S")
if logs[pid][4] == "1970-01-01 07:00:07":
pdb.set_trace()
At that point, in the interactive debugger you can have a look at the variables involved & see what your input event string is that's causing the problem (chances are, the data isn't as well-formatted as you expect it to be). 到那时,您可以在交互式调试器中查看所涉及的变量并查看导致问题的输入event字符串是什么(可能是,数据的格式不如您期望的那样)。 If it's not obvious, you may be able to tell what's going on by just stepping through the code using n & inspecting variable assignments. 如果不是很明显,您可以通过使用n逐步检查代码并检查变量分配来判断发生了什么。
You can use !import code; code.interact(local=vars()) 您可以使用!import code; code.interact(local=vars()) !import code; code.interact(local=vars()) in the debugger to bring the local variables into a normal python shell if you're having trouble with name clashes due to debugger commands. 如果由于调试器命令而导致名称冲突时遇到问题,请在调试器中使用!import code; code.interact(local=vars())将本地变量带入普通的python shell中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.