用于日志分析的java模式匹配
我的程序将发出grep
命令,根据时间范围和唯一关键字搜索日志。我的程序能够成功地发出grep
命令,并返回几行匹配的日志,如下所示
22:41.9 INFO SSHD SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:Logout agent success [accountName=null remoteAddress=STEDGE/172.16.8.3] AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl executeLogoutAgent 429 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN
21:45.9 INFO SSHD SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:Invoking logout agent [accountName=null remoteAddress=STEDGE/172.16.8.3] AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl executeLogoutAgent 425 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN
21:45.9 INFO SSHD SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:SSH: User "null" logged out from [172.16.8.1]. AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl executeLogoutAgent 422 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN
但我不需要所有这些,我感兴趣的是[remoteAddress=/172.16.8.1:64931]
。这行代码Pattern pat1 = Pattern.compile("remoteAddress=/(\d)");
给出非法转义字符。我可以知道如何在没有任何端口号的情况下提取IP地址并将其存储到字符串变量中吗?我在google上搜索了一些信息,但它无法工作?供您参考,这是我的源代码
import java.io.*;
import java.util.regex.*;
class blockIP
{
public static void main(String [] args)
{
String command1 = "date +%R";
String time = null;
String arguement2 = null;
String arguement1 = ".*java";
try
{
Process p1 = Runtime.getRuntime().exec(command1);
BufferedReader br1 = new BufferedReader(new InputStreamReader(p1.getInputStream()));
String line1;
while((line1 = br1.readLine()) != null )
{
System.out.println(line1);
time = line1;
arguement2 =time.concat(arguement1);
}
br1.close();
String command2 = "grep "+arguement2+" stlog.txt";
System.out.println("the command2 is :"+command2);
Process p2 = Runtime.getRuntime().exec(command2);
BufferedReader br2 = new BufferedReader(new InputStreamReader(p2.getInputStream()));
String line2;
while((line2 = br2.readLine()) != null)
{
System.out.println(line2);
Pattern pat1 = Pattern.compile("remoteAddress=/(\d)");
Matcher matcher1 = pat1.matcher(line2);
while(matcher1.find())
{
System.out.println(matcher1.group(1));
}
}
}
catch(IOException e)
{
e.printStackTrace();
}
}
}
# 1 楼答案
尝试在grep之后使用cut命令。比如:
参考https://shapeshed.com/unix-cut/
# 2 楼答案
这个正则表达式匹配
remoteAddress=/
短语后面的数字和点它与
remoteAddress=STEDGE/172.16.8.3
不匹配它使用正向查找来断言
(?<=remoteAddress=/)
在172.16.8.1
之前模式:
(?<=remoteAddress=/)
正向查找(零长度断言)。只有当[\\d.]+
前面有确切的短语remoteAddress=/
时,它才匹配[\\d.]+
匹配数字或句点。一次或多次。与其他任何东西都不匹配