Nagios Log Bonding

Nagios Log Format timestamp script

logformat.sh

#!/bin/bash# format conversion of Nagios log time Name=$1perl-i-pe ' ($t) = ($_ =~ m/^\[(\d+) \]/); $nice =scalar localtime $t; s/^\[(\d+) \]/[$nice]/' ${name}

You can execute bash logformat.sh plus your log file name

Format before conversion:

[1470255922] EXTERNAL Command:process_service_check_result;192.168.123.456;cluster;0;ok

Post-conversion format:

[Wed Jul 27 00:00:00 2016] Current HOST state:192.168.666.999; up; hard;1; PING Ok-packet loss = 0, RTA = 0.33 ms

Requirements: Get log information for the specified time period

line_number= ' cat-n filename |grep ' matches the keyword "|head-n 1 '

#为什么加 head-n 1? Because there might be more lines, I'm sure I'll take the first line number.

Tail-n + $Line _number filename #得到从匹配行到页末

line_number= ' cat-n filename |grep ' matches the keyword "|tail-n 1 '

#因为可能多行一样的, I want to take the line number from the beginning to the last occurrence.

Head-n + $Line _number filename #得到从页首到匹配的最后一行

We use the above method to get two indeterminate line numbers, and then use the following method to get the content we want

Sed-n ' x,yp ' filename #打印文件指定行的内容

Keywords get:

The reason I didn't use the Linux timestamp was because the Linux timestamp was so precise that I wasn't sure if the log information was generated at that time

Env Lang=en_us. UTF-8 Date + "%h%d%h" #这种格式是为了匹配我的日志格式化后的日志

Env Lang=en_us. UTF-8 Date + "%h%d:" #得到今天的零点的日志

Env Lang=en_us. UTF-8 Date + "%h%d:" #得到今天的下午四点的日志

Env Lang=en_us. UTF-8 date-d "1 day Ago" + "%h%d:" #得到前一天下午三点的日志

#!/bin/bash#filename:text.shkey_point= ' env Lang=en_us. UTF-8 date-d "1 day Ago" + "%h%d:" ' filename=/var/log/nagios3/kpnagios/mail.txtline_number= ' cat-n $filename |grep "$ Key_point "|head-n 1|awk ' {print $} ' #为什么加 Head-n 1? Because there might be more lines, I'm sure I'll take the first line number. Tail-n + $Line _number $filename >>kpshju1 #得到从匹配行到页末

This article from "A few" blog, declined reprint!

Nagios Log Bonding