3개의 열을 분리하고 싶습니다. 첫 번째 열에는 단일 숫자 4, 5 또는 6이 포함되어 있습니다. 두 번째 열에는 ID가 포함되고 세 번째 열에는 설명이 포함됩니다.
입력 예:
%ASA-4-105505: (Primary|Secondary) Failed to connect to peer unit peer-ip:port
%ASA-4-105524: (Primary|Secondary) Transitioning to Negotiating state due to the presence of another Active HA unit
%ASA-4-105553: (Primary|Secondary) Detected another Active HA unit
%ASA-4-106023: Deny protocol src [interface_name:source_address/source_port] [([idfw_user|FQDN_string], sg_info)] dst interface_name:dest_address/dest_port [([idfw_user|FQDN_string], sg_info)] [type {string}, code {code}] by access_group acl_ID [0x8ed66b60, 0xf8852875]
%ASA-4-106027: Deny src [source address] dst [destination address] by access-group “access-list name”.
%ASA-4-106103: access-list acl_ID denied protocol for user username interface_name/source_address source_port interface_name/dest_address dest_port hit-cnt number first hit hash codes
%ASA-4-108004: action_class: action ESMTP req_resp from src_ifc:sip|sport to dest_ifc:dip|dport;further_info, page 1-23
%ASA-4-109017: User at IP_address exceeded auth proxy connection limit (max)
%ASA-4-109022: exceeded HTTPS proxy process limit
%ASA-4-109027: [aaa protocol] Unable to decipher response message Server = server_IP_address, User = user
%ASA-4-109028: aaa bypassed for same-security traffic from ingress_ interface:source_address/source_port to egress_interface:dest_address/dest_port
%ASA-4-109030: Autodetect ACL convert wildcard did not convert ACL access_list source | dest netmask netmask.
예상 출력:
4 105505 (Primary|Secondary) Failed to connect to peer unit peer-ip:port
4 105524 (Primary|Secondary) Transitioning to Negotiating state due to the presence of another Active HA unit
4 105553 (Primary|Secondary) Detected another Active HA unit
4 106023 Deny protocol src [interface_name:source_address/source_port] [([idfw_user|FQDN_string], sg_info)] dst interface_name:dest_address/dest_port [([idfw_user|FQDN_string], sg_info)] [type {string}, code {code}] by access_group acl_ID [0x8ed66b60, 0xf8852875]
4 106027 Deny src [source address] dst [destination address] by access-group “access-list name”.
4 106103 access-list acl_ID denied protocol for user username interface_name/source_address source_port interface_name/dest_address dest_port hit-cnt number first hit hash codes
4 108004 action_class: action ESMTP req_resp from src_ifc:sip|sport to dest_ifc:dip|dport;further_info, page 1-23
4 109017 User at IP_address exceeded auth proxy connection limit (max)
4 109022 exceeded HTTPS proxy process limit
4 109027 [aaa protocol] Unable to decipher response message Server = server_IP_address, User = user
4 109028 aaa bypassed for same-security traffic from ingress_ interface:source_address/source_port to egress_interface:dest_address/dest_port
4 109030 Autodetect ACL convert wildcard did not convert ACL access_list source | dest netmask netmask.
두 번째와 세 번째 열을 추출할 수 있지만 cat rawSyslog.txt | awk -F '[-:]' '{print $2 "\t" $3}'마지막 열에는 출력 필드를 엉망으로 만드는 특수 문자가 많이 있습니다. 마지막 열을 추출하는 방법은 무엇입니까?
답변1
GNU awk를 사용하여 다음을 수행하십시오 gensub().
$ awk -F'[:-]' -v OFS='\t' '{print $2, $3, gensub(/[^ ]* /,"",1)}' file
4 105505 (Primary|Secondary) Failed to connect to peer unit peer-ip:port
4 105524 (Primary|Secondary) Transitioning to Negotiating state due to the presence of another Active HA unit
4 105553 (Primary|Secondary) Detected another Active HA unit
4 106023 Deny protocol src [interface_name:source_address/source_port] [([idfw_user|FQDN_string], sg_info)] dst interface_name:dest_address/dest_port [([idfw_user|FQDN_string], sg_info)] [type {string}, code {code}] by access_group acl_ID [0x8ed66b60, 0xf8852875]
4 106027 Deny src [source address] dst [destination address] by access-group “access-list name”.
4 106103 access-list acl_ID denied protocol for user username interface_name/source_address source_port interface_name/dest_address dest_port hit-cnt number first hit hash codes
4 108004 action_class: action ESMTP req_resp from src_ifc:sip|sport to dest_ifc:dip|dport;further_info, page 1-23
4 109017 User at IP_address exceeded auth proxy connection limit (max)
4 109022 exceeded HTTPS proxy process limit
4 109027 [aaa protocol] Unable to decipher response message Server = server_IP_address, User = user
4 109028 aaa bypassed for same-security traffic from ingress_ interface:source_address/source_port to egress_interface:dest_address/dest_port
4 109030 Autodetect ACL convert wildcard did not convert ACL access_list source | dest netmask netmask.
또는 awk를 사용하십시오.
$ awk -F'[:-]' -v OFS='\t' '{x=$0; sub(/[^ ]* /,"",x); print $2, $3, x}' file
4 105505 (Primary|Secondary) Failed to connect to peer unit peer-ip:port
4 105524 (Primary|Secondary) Transitioning to Negotiating state due to the presence of another Active HA unit
4 105553 (Primary|Secondary) Detected another Active HA unit
4 106023 Deny protocol src [interface_name:source_address/source_port] [([idfw_user|FQDN_string], sg_info)] dst interface_name:dest_address/dest_port [([idfw_user|FQDN_string], sg_info)] [type {string}, code {code}] by access_group acl_ID [0x8ed66b60, 0xf8852875]
4 106027 Deny src [source address] dst [destination address] by access-group “access-list name”.
4 106103 access-list acl_ID denied protocol for user username interface_name/source_address source_port interface_name/dest_address dest_port hit-cnt number first hit hash codes
4 108004 action_class: action ESMTP req_resp from src_ifc:sip|sport to dest_ifc:dip|dport;further_info, page 1-23
4 109017 User at IP_address exceeded auth proxy connection limit (max)
4 109022 exceeded HTTPS proxy process limit
4 109027 [aaa protocol] Unable to decipher response message Server = server_IP_address, User = user
4 109028 aaa bypassed for same-security traffic from ingress_ interface:source_address/source_port to egress_interface:dest_address/dest_port
4 109030 Autodetect ACL convert wildcard did not convert ACL access_list source | dest netmask netmask.
답변2
펄 방법:
$ perl -lne 'print join "\t",$1,$2,$3 if /-(\d)-(\d+):\s+(.*)/' file
4 105505 (Primary|Secondary) Failed to connect to peer unit peer-ip:port
4 105524 (Primary|Secondary) Transitioning to Negotiating state due to the presence of another Active HA unit
4 105553 (Primary|Secondary) Detected another Active HA unit
4 106023 Deny protocol src [interface_name:source_address/source_port] [([idfw_user|FQDN_string], sg_info)] dst interface_name:dest_address/dest_port [([idfw_user|FQDN_string], sg_info)] [type {string}, code {code}] by access_group acl_ID [0x8ed66b60, 0xf8852875]
4 106027 Deny src [source address] dst [destination address] by access-group “access-list name”.
4 106103 access-list acl_ID denied protocol for user username interface_name/source_address source_port interface_name/dest_address dest_port hit-cnt number first hit hash codes
4 108004 action_class: action ESMTP req_resp from src_ifc:sip|sport to dest_ifc:dip|dport;further_info, page 1-23
4 109017 User at IP_address exceeded auth proxy connection limit (max)
4 109022 exceeded HTTPS proxy process limit
4 109027 [aaa protocol] Unable to decipher response message Server = server_IP_address, User = user
4 109028 aaa bypassed for same-security traffic from ingress_ interface:source_address/source_port to egress_interface:dest_address/dest_port
4 109030 Autodetect ACL convert wildcard did not convert ACL access_list source | dest netmask netmask.
답변3
사용행복하다(이전 Perl_6)
raku -ne 'put ($0,$1,$2).join("\t") if / \- (<[456]>) \- (\d+) \: \s+ (.*) /;'
또는
raku -ne '.split(/<[:-]>/, 4).skip.join("\t").put;'
첫 번째 답변은 일반적으로 @terdon의 Perl5 코드를 따르는 반면, 두 번째 답변은 일반적으로 @glenn_jackman의 Perl5 코드를 따릅니다.
Raku의 메모:
라쿠 캡쳐는
$0,Raku는 정규 표현식에서 문자를 이스케이프 처리할 때 추측을 하지 않습니다. 그렇지 않은 경우
<alnum>이스케이프해야 합니다.열거된 문자 클래스는 Raku에서 다음 과 같이 생성됩니다
<[.]>선행
.(as ) 은 함수 호출이 대상 변수 에 적용됨을 나타내는.split약어입니다 .$_.$_
입력 예:
%ASA-4-105505: (Primary|Secondary) Failed to connect to peer unit peer-ip:port
%ASA-4-105524: (Primary|Secondary) Transitioning to Negotiating state due to the presence of another Active HA unit
%ASA-4-105553: (Primary|Secondary) Detected another Active HA unit
%ASA-4-106023: Deny protocol src [interface_name:source_address/source_port] [([idfw_user|FQDN_string], sg_info)] dst interface_name:dest_address/dest_port [([idfw_user|FQDN_string], sg_info)] [type {string}, code {code}] by access_group acl_ID [0x8ed66b60, 0xf8852875]
%ASA-4-106027: Deny src [source address] dst [destination address] by access-group “access-list name”.
%ASA-4-106103: access-list acl_ID denied protocol for user username interface_name/source_address source_port interface_name/dest_address dest_port hit-cnt number first hit hash codes
%ASA-4-108004: action_class: action ESMTP req_resp from src_ifc:sip|sport to dest_ifc:dip|dport;further_info, page 1-23
%ASA-4-109017: User at IP_address exceeded auth proxy connection limit (max)
%ASA-4-109022: exceeded HTTPS proxy process limit
%ASA-4-109027: [aaa protocol] Unable to decipher response message Server = server_IP_address, User = user
%ASA-4-109028: aaa bypassed for same-security traffic from ingress_ interface:source_address/source_port to egress_interface:dest_address/dest_port
%ASA-4-109030: Autodetect ACL convert wildcard did not convert ACL access_list source | dest netmask netmask.
예제 출력:
4 105505 (Primary|Secondary) Failed to connect to peer unit peer-ip:port
4 105524 (Primary|Secondary) Transitioning to Negotiating state due to the presence of another Active HA unit
4 105553 (Primary|Secondary) Detected another Active HA unit
4 106023 Deny protocol src [interface_name:source_address/source_port] [([idfw_user|FQDN_string], sg_info)] dst interface_name:dest_address/dest_port [([idfw_user|FQDN_string], sg_info)] [type {string}, code {code}] by access_group acl_ID [0x8ed66b60, 0xf8852875]
4 106027 Deny src [source address] dst [destination address] by access-group “access-list name”.
4 106103 access-list acl_ID denied protocol for user username interface_name/source_address source_port interface_name/dest_address dest_port hit-cnt number first hit hash codes
4 108004 action_class: action ESMTP req_resp from src_ifc:sip|sport to dest_ifc:dip|dport;further_info, page 1-23
4 109017 User at IP_address exceeded auth proxy connection limit (max)
4 109022 exceeded HTTPS proxy process limit
4 109027 [aaa protocol] Unable to decipher response message Server = server_IP_address, User = user
4 109028 aaa bypassed for same-security traffic from ingress_ interface:source_address/source_port to egress_interface:dest_address/dest_port
4 109030 Autodetect ACL convert wildcard did not convert ACL access_list source | dest netmask netmask.
답변4
당신은 그것을 사용할 수 있습니다 sed:
$ sed 's/^.\{5\}\([[:digit:]]\+\)-\([[:digit:]]\+\):[[:blank:]]*\(.*\)$/\1\t\2\t\3/' file
4 105505 (Primary|Secondary) Failed to connect to peer unit peer-ip:port
4 105524 (Primary|Secondary) Transitioning to Negotiating state due to the presence of another Active HA unit
4 105553 (Primary|Secondary) Detected another Active HA unit
4 106023 Deny protocol src [interface_name:source_address/source_port] [([idfw_user|FQDN_string], sg_info)] dst interface_name:dest_address/dest_port [([idfw_user|FQDN_string], sg_info)] [type {string}, code {code}] by access_group acl_ID [0x8ed66b60, 0xf8852875]
4 106027 Deny src [source address] dst [destination address] by access-group “access-list name”.
4 106103 access-list acl_ID denied protocol for user username interface_name/source_address source_port interface_name/dest_address dest_port hit-cnt number first hit hash codes
4 108004 action_class: action ESMTP req_resp from src_ifc:sip|sport to dest_ifc:dip|dport;further_info, page 1-23
4 109017 User at IP_address exceeded auth proxy connection limit (max)
4 109022 exceeded HTTPS proxy process limit
4 109027 [aaa protocol] Unable to decipher response message Server = server_IP_address, User = user
4 109028 aaa bypassed for same-security traffic from ingress_ interface:source_address/source_port to egress_interface:dest_address/dest_port
4 109030 Autodetect ACL convert wildcard did not convert ACL access_list source | dest netmask netmask.