最后用 sed 和 awk 解析以创建 csv 文件
[英]Parsing last with sed and awk to create a csv file
问题描述
So, I am trying to create a awk script to go through the output of the last command so that I can convert it to a csv file.
因此,我正在尝试创建一个 awk 脚本来检查最后一个命令的输出,以便我可以将其转换为 csv 文件。 The problem I am having is that lines are matching several times and I am not sure how to prevent it from happening;我遇到的问题是线路多次匹配,我不知道如何防止它发生; and I am by no means an awk expert ( part of the reason for this exercise )而且我绝不是 awk 专家(此练习的部分原因)
The reason for the sed insertions are for missing "columns". sed 插入的原因是缺少“列”。
command to massage last command and invoke the awk script:命令按摩最后一个命令并调用 awk 脚本:
last -w -F | sed -r 's/[[:space:]{23,}/ unknown /;s/(crash|down)/\1 unknown /' | awk -f awktest.awk
( as a side note, the sub in here was before I decided to test inserting columns with sed ) (作为旁注,这里的 sub 是在我决定用 sed 测试插入列之前)
awktest.awk awktest.awk
BEGIN { print "user,tty/pts,connection_from,login_time,state,logoff_time,total_time"}
{if ($1 ~/reboot/) {print $1","$2","$3","$4","($5" "$6" "$7" "$8" "$9)","$10","($11" "$12" "$13" "$14" "$15","$16)}}
{if ($1 ~/root/ && $2 ~/tty/) { sub($3,"null") ; print $1","$2","$3","($4" "$5" "$6" "$7" "$8)","$9","($10","$11","$12" "$13" "$14)}}
#{if ( NF > 14) { print $1","$2","$3","($4" "$5" "$6" "$7" "$8 )","$9","($10" "$11" "$12" "$13" "$14)","$15 }}
{if ($3 == "unknown" && $11 !="unknown") { print $1","$2","$3","($4" "$5" "$6" "$7" "$8 )","$9","($10" "$11" "$12" "$13" "$14)","$15 }}
#{if ($3 == "unknown") { print $1","$2","$3","( $4" "$5" "$6" "$7" "$8 )","$9","($10","$11",")$12}}
{if ($11 == "unknown") { print $1","$2","$3","( $4" "$5" "$6" "$7" "$8 )","$9","($10","$11",")$12}}
As you can see, I have tried multiple ways , and there are either duplicates or there are missing lines.如您所见,我尝试了多种方法,要么有重复,要么有缺行。 The duplicates are clear:重复很明显:
root,tty2,null,Sun Jul 19 13:25:38 2020,-,down,unknown,(00:01)
root,tty2,null,Sun Jul 19 13:25:38 2020,-,down,unknown,(00:01)
Yeah, I know, not pretty;是的,我知道,不漂亮; but I was experimenting;但我正在试验; and I am stuck and have been reading the sed and awk book and googling like crazy and making no headway;我被困住了,一直在阅读 sed 和 awk 的书,疯狂地谷歌搜索,但没有取得任何进展; and at this point I think I have looked too long at it to make any progress.在这一点上,我想我已经看得太久了,没有取得任何进展。
What am I doing wrong?我究竟做错了什么?
# edit for clarity # 为清晰起见进行编辑
( some whitespace was removed to make it cleaner) Examples of last command : (删除了一些空格以使其更干净)最后一个命令的示例:
root tty3 Mon Jun 8 09:49:56 2020 - down (00:00)
foo :0 0 Mon Jun 8 09:49:16 2020 - down (00:01)
reboot system boot 5.6.16-300.fc32.x86_64 Mon Jun 8 09:48:28 2020 - Mon Jun 8 09:50:54 2020 (00:02)
roncioiu :0 Thu Jun 18 10:19:29 2020 - Thu Jun 18 10:20:19 2020 (00:00)
# desired state columns: # 所需状态列:
- the time stamps count as one column as they are in ()时间戳记为一列,因为它们在 ()
"user,tty/pts,connection_from,login_time,state,logoff_time,total_time"
1 个解决方案
解决方案1
1 2020-09-17 04:43:31
So I eventually settled on a one liner and abandoned the script thanks to gentle prodding by @tink .因此,由于@tink 的温和刺激,我最终选择了单线并放弃了剧本。 With just a little bit of data munging.只需要一点点数据处理。
Thanks for the tip!谢谢你的提示! I was losing my sanity doing it the other way.反其道而行之,我就失去理智了。
last -a -w --time-format iso | sed -r 's/\sboot\s//g;/^$/d;/wtmp/d;/(crash|down)/s/$/ unknown /' | awk 'BEGIN { print "user,pts/tty,login_time,state,logoff_time,total_time,host "} { print $1","$2","$3","$4","$5","$6","$7}'
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.