Python中文网

一个关于 编程问题的解答网站.

有 Java 编程相关的问题?

你可以在下面搜索框中键入要查询的问题!

用于日志分析的java模式匹配

3 月 Questions & Answers

我的程序将发出grep命令,根据时间范围和唯一关键字搜索日志。我的程序能够成功地发出grep命令,并返回几行匹配的日志,如下所示

22:41.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:Logout agent success [accountName=null remoteAddress=STEDGE/172.16.8.3]    AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl    executeLogoutAgent  429 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN
21:45.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:Invoking logout agent [accountName=null remoteAddress=STEDGE/172.16.8.3]   AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl    executeLogoutAgent  425 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN
21:45.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:SSH: User "null" logged out from [172.16.8.1]. AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl    executeLogoutAgent  422 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN



但我不需要所有这些,我感兴趣的是[remoteAddress=/172.16.8.1:64931]。这行代码Pattern pat1 = Pattern.compile("remoteAddress=/(\d)");给出非法转义字符。我可以知道如何在没有任何端口号的情况下提取IP地址并将其存储到字符串变量中吗?我在google上搜索了一些信息,但它无法工作?供您参考,这是我的源代码 

import java.io.*;
import java.util.regex.*;
class blockIP
{
   public static void main(String [] args)
   {
     String command1 = "date +%R";
     String time = null;
     String arguement2 = null;
     String arguement1 = ".*java";
     try
       {
             Process p1 = Runtime.getRuntime().exec(command1);
             BufferedReader br1 = new BufferedReader(new InputStreamReader(p1.getInputStream()));

             String line1;
             while((line1 = br1.readLine()) != null )
              {
                  System.out.println(line1);
                  time = line1;
                  arguement2 =time.concat(arguement1);
              }
           br1.close();
           String command2 = "grep "+arguement2+" stlog.txt";
           System.out.println("the command2 is :"+command2);
           Process p2 = Runtime.getRuntime().exec(command2);
           BufferedReader br2 = new BufferedReader(new InputStreamReader(p2.getInputStream()));
           String line2;
           while((line2 = br2.readLine()) != null)
           { 
              System.out.println(line2);
              Pattern pat1 = Pattern.compile("remoteAddress=/(\d)");
              Matcher matcher1 = pat1.matcher(line2);
              while(matcher1.find())
                   {
                     System.out.println(matcher1.group(1));
                   }
           }

        }
      catch(IOException e)
      {
        e.printStackTrace();
      }

   }
}

共 (2) 个答案

  2. # 2 楼答案

    这个正则表达式匹配remoteAddress=/短语后面的数字和点

    public static void main(String[] args) {
        String s = "21:45.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:Invoking logout agent [accountName=null remoteAddress=STEDGE/172.16.8.3]   AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl    executeLogoutAgent  425 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN\r\n";
        Pattern pattern = Pattern.compile("(?<=remoteAddress=/)[\\d.]+");
        Matcher matcher = pattern.matcher(s);
        while (matcher.find()) {
            String group = matcher.group();
            System.out.println(group);
        }

    }

    它与remoteAddress=STEDGE/172.16.8.3不匹配

    它使用正向查找来断言(?<=remoteAddress=/)172.16.8.1之前

    模式:

    (?<=remoteAddress=/)正向查找(零长度断言)。只有当[\\d.]+前面有确切的短语remoteAddress=/时,它才匹配

    [\\d.]+匹配数字或句点。一次或多次。与其他任何东西都不匹配