Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
616 views
in Technique[技术] by (71.8m points)

awk - PHP logs for last 1 minute

I need last 1 minute logs of PHP-fpm for automating alert generation and to use webhooks on other applications. I have used below mentioned command

awk -v d1="$(date --date '-60 min' '+%d/%b/%Y:%T')" '{gsub(/^[[]+/, "", $1);}; $1 > d1' /var/www/logs/php/php7.3-fpm.log | grep "max_children"

but if i replace it to -10000 min it shows all logs in current file. LOG FORMAT IS GIVEN BELOW.

[24-Jan-2021 03:28:09] WARNING: [pool cormier] server reached max_children setting (10), consider raising it
[24-Jan-2021 07:25:34] WARNING: [pool cormier] server reached max_children setting (10), consider raising it
[24-Jan-2021 17:00:52] WARNING: [pool cormier] server reached max_children setting (10), consider raising it
[24-Jan-2021 17:18:07] WARNING: [pool cormier] server reached max_children setting (10), consider raising it
[24-Jan-2021 21:11:06] WARNING: [pool cormier] server reached max_children setting (10), consider raising it
[24-Jan-2021 21:54:27] WARNING: [pool cormier] server reached max_children setting (10), consider raising it
[25-Jan-2021 01:24:12] WARNING: [pool cormier] server reached max_children setting (10), consider raising it
[25-Jan-2021 13:24:12] WARNING: [pool cormier] server reached max_children setting (10), consider raising it```
question from:https://stackoverflow.com/questions/65886455/php-logs-for-last-1-minute

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Using GNU awk:

awk 'BEGIN { map["Jan"]="01";map["Feb"]="02";map["Mar"]="03";map["Apr"]="04";map["May"]="05";map["Jun"]="06";map["Jul"]="07";map["Aug"]="08";map["Sep"]="09";map["Oct"]="10";map["Nov"]="11";map["Dec"]="12";} { dat=substr($1,9,4)" "map[substr($1,5,3)]" "substr($1,2,2);gsub("]"," ",$2)gsub(":"," ",$2);if ((systime() - mktime(dat" "$2))<=60) { print $0 } }' logfile

Explanation:

awk 'BEGIN {                                                    # create an array map with month (short terms) to month numbers
             map["Jan"]="01";
             map["Feb"]="02";
             map["Mar"]="03";
             map["Apr"]="04"; 
             map["May"]="05";
             map["Jun"]="06";
             map["Jul"]="07";
             map["Aug"]="08";
             map["Sep"]="09";
             map["Oct"]="10";
             map["Nov"]="11";
             map["Dec"]="12";
           } 
           { 
             dat=substr($1,9,4)" "map[substr($1,5,3)]" "substr($1,2,2);     # Create a variable dat with date in a format that can be converted to epoch format
             gsub("]"," ",$2);                                              # Convert time to format that can be converted to epoch format with mktime function
             gsub(":"," ",$2);
             if ((systime() - mktime(dat" "$2))<=600) { 
                print                                                       # If difference between epoch time now (systime) and epoch time of first and second fields is less than or greater than 60, print.
             } 
            }' logfile

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...