0

我正在搜索几个包含“警告”模式的日志文件

Select-String -Path "C:\Users\xxxx\Downloads\*.log" -Pattern "WARNING"

这是输出:

C:\Users\xxxx\Downloads\ExJBJournal.exe#0000000029.log:16698:49828|P1050|T12C0|2015/09/01 12:20:02:342|CExJournalMsgThread::Run|VERBOSE|***WARNING*** Message Size: 8941 Time taken (in ms): ID calculation: 0 Rules/EMCMF: 92 IngestMsg: 480569 DeleteMsg: 480571 ProcessTime: 480576 MsgId: 577C40D906A5481F7E3D31E73CBA2931F7FB744372C5F29B00 Subject: Transfer PASS [86fd9d0be938dfccfde4fdba67765ffa463edf74]|CExJournalMsgThread.cpp(317)|Job Id: 6634608; Activity Name: APAC_SMTP01_JRN; Activity Id: 1; Activity Type: 2; SG-S1W-02

我只想列出MsgId: 577C40D906A5481F7E3D31E73CBA2931F7FB744372C5F29B00以及如何做到这一点?

4

2 回答 2

0

在您的模式中使用命名的捕获组 ( (?<name>pattern)) :Select-String

$Pattern = "WARNING.*(?<msgid>MsgId: [0-9A-F]+)"
Select-String -Path "C:\Users\xxxx\Downloads\*.log" -Pattern $Pattern |ForEach-Object {
    # Select-String returns a MatchInfo object
    # Check out the "Matches" property to find our captures
    $_.Matches[0].Group["msgid"].Value
}

现在,您的输出将类似于:

MsgId: D2ADD4EF41473659789575A6B3218B4ADE73568EA81397797A
MsgId: 7EEF23BFA56EF53204DC2CDE2AF8603A3F5F1EB0A2AE4B14C8
MsgId: E0F00C95E5A898199D18D5919D7C55E798DAD3BEB996070F6B
MsgId: 6CAF7AD931AA4FDA9905C0A8FDC696D71CF1848CED47CC6703
MsgId: 1A2AAA30727AAC9A6AED89BE37C6ABBF98FF51DED17F381AAB
MsgId: 1C8E83DD26588A2F9FF4DD31AAA3101B51DAFE5A2082F0E0EA
于 2015-09-02T12:47:55.363 回答
0

$Pattern = "WARNING.*(?MsgId: [0-9A-F]+)" $path = "XXX"

选择字符串 -Path $path*.log -Pattern $Pattern | ForEach-对象 {

$_.Matches[0].Groups["msgid"].Value

}

于 2015-09-07T03:17:07.080 回答