Linux日志查看之awk命令使用实例,linux日志awk实例


基本用法

log.txt 文本内容如下:

2 this is a test
3 Are you like awk
This's a test
10 There are orange,apple,mongo

用法一:awk '{[pattern] action}' {filenames}

# 每行按空格或TAB分割,输出文本中的1、4项
[root@peipei3514 usr]# awk '{print $1,$4}' log.txt
2 a
3 like
This's 
10 orange,apple,mongo

# 格式化输出
[root@peipei3514 usr]# awk '{printf "%-8s %-10s\n",$1,$4}' log.txt
2        a         
3        like      
This's             
10       orange,apple,mongo

用法二:awk -F ,-F相当于内置变量FS, 指定分割字符

# 使用","分割
[root@peipei3514 usr]# awk -F , '{print $1,$2}' log.txt
2 this is a test 
3 Are you like awk 
This's a test 
10 There are orange apple

# 或者使用内建变量
[root@peipei3514 usr]# awk 'BEGIN{FS=","} {print $1,$2}' log.txt
2 this is a test 
3 Are you like awk 
This's a test 
10 There are orange apple

# 使用多个分隔符。先使用空格分割,然后对分割结果再使用","分割
[root@peipei3514 usr]# awk -F '[ ,]' '{print $1,$2,$5}' log.txt
2 this test
3 Are awk
This's a 
10 There apple

用法三:awk -v ,设置变量

[root@peipei3514 usr]# awk -v a=1 '{print $1,$1+a}' log.txt
2 3
3 4
This's 1
10 11
[root@peipei3514 usr]# awk -va=1 -vb=s '{print $1,$1+a,$1b}' log.txt
2 3 2s
3 4 3s
This's 1 This'ss
10 11 10s

用法四:awk -f {awk脚本} {文件名}

[root@peipei3514 usr]# awk -f cal.awk log.txt

运算符

这里写图片描述

# 过滤第一列大于2的行
[root@peipei3514 usr]# awk '$1>2' log.txt
3 Are you like awk
This's a test
10 There are orange,apple,mongo

# 过滤第一列等于2的行
[root@peipei3514 usr]# awk '$1==2 {print $1,$3}' log.txt
2 is

# 过滤第一列大于2并且第二列等于'Are'的行
[root@peipei3514 usr]# awk '$1>2 && $2=="Are" {print $1,$2,$3}' log.txt
3 Are you

内建变量

这里写图片描述

[root@peipei3514 usr]# awk 'BEGIN{printf "%4s %4s %4s %4s %4s %4s %4s %4s %4s\n","FILENAME","ARGC","FNR","FS","NF","NR","OFS","ORS","RS";printf "---------------------------------------------\n"} {printf "%4s %4s %4s %4s %4s %4s %4s %4s %4s\n",FILENAME,ARGC,FNR,FS,NF,NR,OFS,ORS,RS}'  log.txt
FILENAME ARGC  FNR   FS   NF   NR  OFS  ORS   RS
---------------------------------------------
log.txt    2    1         5    1         


log.txt    2    2         5    2         


log.txt    2    3         3    3         


log.txt    2    4         4    4         


[root@peipei3514 usr]# awk -F\' 'BEGIN{printf "%4s %4s %4s %4s %4s %4s %4s %4s %4s\n","FILENAME","ARGC","FNR","FS","NF","NR","OFS","ORS","RS";printf "---------------------------------------------\n"} {printf "%4s %4s %4s %4s %4s %4s %4s %4s %4s\n",FILENAME,ARGC,FNR,FS,NF,NR,OFS,ORS,RS}'  log.txt
FILENAME ARGC  FNR   FS   NF   NR  OFS  ORS   RS
---------------------------------------------
log.txt    2    1    '    1    1         


log.txt    2    2    '    1    2         


log.txt    2    3    '    2    3         


log.txt    2    4    '    1    4         


[root@peipei3514 usr]# awk '{print NR,FNR,$1,$2,$3}' log.txt
1 1 2 this is
2 2 3 Are you
3 3 This's a test
4 4 10 There are
[root@peipei3514 usr]# awk '{print $1,$2,$5}' OFS=" $ " log.txt
2 $ this $ test
3 $ Are $ awk
This's $ a $ 
10 $ There $

使用正则,字符串匹配

# 输出第二列包含 "th",并打印第二列与第四列
# ~ 表示模式开始。// 中是模式。
[root@peipei3514 usr]# awk '$2 ~ /th/ {print $2,$4}' log.txt
this a

# 输出包含"re" 的行
[root@peipei3514 usr]# awk '/re/ ' log.txt
3 Are you like awk
10 There are orange,apple,mongo

忽略大小写

[root@peipei3514 usr]# awk 'BEGIN{IGNORECASE=1} /this/' log.txt
2 this is a test
This's a test

模式取反

[root@peipei3514 usr]# awk '$2 !~ /th/ {print $2,$4}' log.txt
Are like
a 
There orange,apple,mongo
[root@peipei3514 usr]# awk '!/th/ {print $2,$4}' log.txt
Are like
a 
There orange,apple,mongo

awk脚本

关于awk脚本,我们需要注意两个关键词BEGIN和END。

BEGIN{ 这里面放的是执行前的语句 } {这里面放的是处理每一行时要执行的语句} END {这里面放的是处理完所有的行后要执行的语句 }

假设有这么一个文件(学生成绩表):

$ cat score.txt
Marry   2143 78 84 77
Jack    2321 66 78 45
Tom     2122 48 77 71
Mike    2537 87 97 95
Bob     2415 40 57 62

我们的awk脚本如下:

#!/bin/awk -f
#运行前
BEGIN {
    math = 0
    english = 0
    computer = 0

    printf "NAME    NO.   MATH  ENGLISH  COMPUTER   TOTAL\n"
    printf "---------------------------------------------\n"
}
#运行中
{
    math+=$3
    english+=$4
    computer+=$5
    printf "%-6s %-6s %4d %8d %8d %8d\n", $1, $2, $3,$4,$5, $3+$4+$5
}
#运行后
END {
    printf "---------------------------------------------\n"
    printf "  TOTAL:%10d %8d %8d \n", math, english, computer
    printf "AVERAGE:%10.2f %8.2f %8.2f\n", math/NR, english/NR, computer/NR
}

我们来看一下执行结果:

[root@peipei3514 usr]# awk -f cal.awk score.txt
NAME    NO.   MATH  ENGLISH  COMPUTER   TOTAL
---------------------------------------------
Marry  2143     78       84       77      239
Jack   2321     66       78       45      189
Tom    2122     48       77       71      196
Mike   2537     87       97       95      279
Bob    2415     40       57       62      159
---------------------------------------------
  TOTAL:       319      393      350 
AVERAGE:     63.80    78.60    70.00

另外一些实例

AWK的hello world程序为:

BEGIN { print "Hello, world!" }

计算文件大小

$ ls -l *.txt | awk '{sum+=$6} END {print sum}'
--------------------------------------------------
666581

从文件中找出长度大于80的行

awk 'length>80' log.txt

打印九九乘法表

[root@peipei3514 usr]# seq 9 | sed 'H;g' | awk -v RS='' '{for(i=1;i<=NF;i++)printf("%dx%d=%d%s", i, NR, i*NR, i==NR?"\n":"\t")}'
1x1=1
1x2=2   2x2=4
1x3=3   2x3=6   3x3=9
1x4=4   2x4=8   3x4=12  4x4=16
1x5=5   2x5=10  3x5=15  4x5=20  5x5=25
1x6=6   2x6=12  3x6=18  4x6=24  5x6=30  6x6=36
1x7=7   2x7=14  3x7=21  4x7=28  5x7=35  6x7=42  7x7=49
1x8=8   2x8=16  3x8=24  4x8=32  5x8=40  6x8=48  7x8=56  8x8=64
1x9=9   2x9=18  3x9=27  4x9=36  5x9=45  6x9=54  7x9=63  8x9=72  9x9=81

相关内容