0

我想从日志文件中选择最近 7 天的记录也包含“OK LOGIN”

 Sat Sep  2 03:32:13 2012 [pid 12461] CONNECT: Client "66.249.68.236"
 Sat Sep  2 03:32:13 2012 [pid 12460] [ftp] OK LOGIN: Client "66.249.68.236", anon     password "gxxglxxxxt@google.com"
 Sat Sep  2 03:32:14 2012 [pid 12462] [ftp] OK DOWNLOAD: Client "66.249.68.236",   "/pub/10.5524/100001_101000/100022/readme.txt", 451 bytes, 1.39Kbyte/sec
 Sat Sep  2 03:32:22 2012 [pid 12677] CONNECT: Client "66.249.68.236"
 Sat Sep  2 03:32:23 2012 [pid 12676] [ftp] OK LOGIN: Client "66.249.68.236", anon password "xxxxxbot@google.com"

我使用这个命令,但它不起作用以及如果我想约会如何写= [当前日期 - 7 天]

 cat vsftp.log | grep 'OK LOGIN' |egrep "Sep [1-6]"
4

2 回答 2

0

您可以使用sed以下命令选择行范围并生成正则表达式date

#!/bin/bash

function md()
{
    date +'%b %e' --date "$@"
}

start=`md 'last week'`
end=`md 'now'`
grep 'OK LOGIN' | sed -n "/$start/,/$end/p"

每天至少应该登录一次。正则表达式是允许的,可能存在误报。

于 2012-09-06T06:15:56.483 回答
0

缺少一个空格:

grep 'OK LOGIN' vsftp.log | egrep "Sep  [1-6]"
于 2012-09-06T06:34:15.473 回答