使用正则表达式,PHP解析日志文件
[英]Parse a log file with regex, PHP
问题描述
I'm absolutely terrible at regex; 
我在regex上绝对糟糕。 can anyone help me solve the expression I need in order to separate two values I need from a log file? 谁能帮助我解决需要从表达式文件中分离出我需要的两个值的表达式?
Log file example. 日志文件示例。
1/28/2013 8:43:22 PM Removed {178.76.234.41}
1/28/2013 8:43:22 PM Removed {78.105.26.0}
1/28/2013 8:43:22 PM Removed {24.165.198.12}
1/28/2013 8:43:23 PM Added {178.76.234.41}
1/28/2013 8:43:23 PM Added {69.246.227.43}
With my current code I am able to separate the IP address, however I now need both the state (added/removed) and the IP address. 使用我当前的代码,我可以分离IP地址,但是现在我需要状态(添加/删除)和IP地址。 Here is my current code. 这是我当前的代码。
preg_match_all("/.*{(.*)}.*/", $a, $b);
What do I need to replace "/. {(. )}.*/" with in order to grab both the state and the IP address to store into the array? 我需要做什么来取代“/ {()} * /”,以便抓住这两个国家并存储到阵列的IP地址?
3 个解决方案
解决方案1
3 2013-01-29 03:04:58
You don't actually need a regular expression to match this. 您实际上不需要正则表达式来匹配它。 You can split it on whitespace using preg_split() and \\s+ as your delimiter, and then strip off the braces {} from the IP address with a simple function like trim() . 您可以使用preg_split()和\\s+作为分隔符在空格上进行分割,然后使用trim()类的简单功能从IP地址中删除括号{} 。
$output = array();
// While reading line by line...
$parts = preg_split('/\s+/', $line);
$output[] = array(
'state' => $parts[3],
'ip' => trim($parts[4], '{}')
);
http://codepad.viper-7.com/fD8kgQ http://codepad.viper-7.com/fD8kgQ
解决方案2
1 已采纳 2013-01-29 03:04:19
If those are the only two words you need to include, have you tried something like this? 如果只有这两个单词需要说明,您是否尝试过类似的方法?
preg_match_all("~(Removed|Added)\s+{(.*)}~i", $a, $b);
So in total: 因此总计:
$a = '1/28/2013 8:43:22 PM Removed {178.76.234.41}
1/28/2013 8:43:22 PM Removed {78.105.26.0}
1/28/2013 8:43:22 PM Removed {24.165.198.12}
1/28/2013 8:43:23 PM Added {178.76.234.41}
1/28/2013 8:43:23 PM Added {69.246.227.43}';
preg_match_all("~(Removed|Added)\s+{(.*)}~i", $a, $b);
print_r($b);
And resulting in this: 结果是:
Array ( [0] => Array ( [0] => Removed {178.76.234.41} [1] => Removed {78.105.26.0} [2] => Removed {24.165.198.12} [3] => Added {178.76.234.41} [4] => Added {69.246.227.43} ) [1] => Array ( [0] => Removed [1] => Removed [2] => Removed [3] => Added [4] => Added ) [2] => Array ( [0] => 178.76.234.41 [1] => 78.105.26.0 [2] => 24.165.198.12 [3] => 178.76.234.41 [4] => 69.246.227.43 ) )
解决方案3
1 2013-01-29 03:32:00
I think this works for you; 我认为这对您有效;
$s = '1/28/2013 8:43:22 PM Removed {178.76.234.41}
1/28/2013 8:43:22 PM Removed {78.105.26.0}
1/28/2013 8:43:22 PM Removed {24.165.198.12}
1/28/2013 8:43:23 PM Added {178.76.234.41}
1/28/2013 8:43:23 PM Added {69.246.227.43}';
preg_match_all('~(?P<TIME>.*PM)\s+(?P<STATE>Added|Removed)\s+{(?P<IP>.*)}~i', $s, $m, PREG_SET_ORDER);
print_r($m);
// or
foreach ($m as $log) {
printf("Time: %s, State: %s, Ip: %s\n", $log['TIME'], $log['STATE'], $log['IP']);
// Time: 1/28/2013 8:43:22 PM, State: Removed, Ip: 178.76.234.41 ...
}
Out; 出;
Array
(
[0] => Array
(
[0] => 1/28/2013 8:43:22 PM Removed {178.76.234.41}
[TIME] => 1/28/2013 8:43:22 PM
[1] => 1/28/2013 8:43:22 PM
[STATE] => Removed
[2] => Removed
[IP] => 178.76.234.41
[3] => 178.76.234.41
)
[1] => Array
(
[0] => 1/28/2013 8:43:22 PM Removed {78.105.26.0}
[TIME] => 1/28/2013 8:43:22 PM
[1] => 1/28/2013 8:43:22 PM
[STATE] => Removed
[2] => Removed
[IP] => 78.105.26.0
[3] => 78.105.26.0
)
...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.