标签:icmp 机器 颜色 标准输入 结合 表达 buffer 日志 arch
Linux系统中grep命令是一种强大的文本搜索工具,它能使用正则表达式搜索文本,并匹配行打印出来。
usage: grep [-abcDEFGHhIiJLlmnOoqRSsUVvwxZ] [-A num] [-B num] [-C[num]]
[-e pattern] [-f file] [--binary-files=value] [--color=when]
[--context[=num]] [--directories=action] [--label] [--line-buffered]
[--null] [pattern] [file ...]
-c:计算匹配到的行数,并显示结果;
? ~ ping www.cnblogs.com > blog.log | tail -f blog.log PING www.cnblogs.com (42.121.252.58): 56 data bytes 64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.616 ms 64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=26.738 ms 64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.482 ms 64 bytes from 42.121.252.58: icmp_seq=3 ttl=32 time=26.485 ms 64 bytes from 42.121.252.58: icmp_seq=4 ttl=32 time=26.325 ms ^C ? ~ grep -c 26.616 blog.log 1
-C 2:显示匹配行,并显示之前与之后的两行,也就是一共显示5行;
? ~ grep -C 2 26.616 blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.616 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=26.738 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.482 ms
-A 2:显示匹配行,并显示之后的两行;
? ~ grep -A 2 26.616 blog.log
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.616 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=26.738 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.482 ms
-v:显示不包含匹配行的所有行;
? ~ grep -v 26.616 blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=26.738 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.482 ms
64 bytes from 42.121.252.58: icmp_seq=3 ttl=32 time=26.485 ms
64 bytes from 42.121.252.58: icmp_seq=4 ttl=32 time=26.325 ms
-color:显示匹配内容,并用不同颜色突出显示;
? ~ grep --color 26.616 blog.log
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.616 ms
tail命令是线上机器查看log最常用的命令,可以从指定点开始将文件写到标准输出,tail -f 可以查看不停打出的日志文件,使你看到最新的log日志。
usage: tail [-F | -f | -r] [-q] [-b # | -c # | -n #] [file ...]
-f:监视File文件增长;
? ~ ping www.cnblogs.com > blog.log | tail -f blog.log PING www.cnblogs.com (42.121.252.58): 56 data bytes 64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.250 ms 64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=25.807 ms 64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=25.966 ms 64 bytes from 42.121.252.58: icmp_seq=3 ttl=32 time=25.939 ms 64 bytes from 42.121.252.58: icmp_seq=4 ttl=32 time=25.833 ms 64 bytes from 42.121.252.58: icmp_seq=5 ttl=32 time=25.862 ms 一直显示下去。。。
-q:与-f相反,将文件内容直接显示出来,默认显示文件从后往前数10行的内容;
? ~ tail -q blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.250 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=25.807 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=25.966 ms
64 bytes from 42.121.252.58: icmp_seq=3 ttl=32 time=25.939 ms
64 bytes from 42.121.252.58: icmp_seq=4 ttl=32 time=25.833 ms
64 bytes from 42.121.252.58: icmp_seq=5 ttl=32 time=25.862 ms
-n:从后往前数,显示指定的行数,一般-f结合使用:-fn,比如-fn 20,一次当前显示文件的最后20行,并不停显示文件的最新内容;
? ~ ping www.cnblogs.com > blog.log | tail -fn 1 blog.log PING www.cnblogs.com (42.121.252.58): 56 data bytes 64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=25.813 ms 64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=26.363 ms 64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.218 ms 64 bytes from 42.121.252.58: icmp_seq=3 ttl=32 time=26.292 ms 一直显示下去。。。
显示文件内容的同时,显示行号(并不是文件的行号,而是当前显示的行号):
? ~ ping www.baidu.com > baidu.log | tail -fn 500 baidu.log | awk ‘{print NR,$0}‘ 【或者 ping www.baidu.com > baidu.log | tail -fn 500 baidu.log | cat -n】
1 PING www.a.shifen.com (61.135.169.125): 56 data bytes
2 64 bytes from 61.135.169.125: icmp_seq=0 ttl=51 time=6.030 ms
3 64 bytes from 61.135.169.125: icmp_seq=1 ttl=51 time=3.815 ms
4 64 bytes from 61.135.169.125: icmp_seq=2 ttl=51 time=3.964 ms
5 64 bytes from 61.135.169.125: icmp_seq=3 ttl=51 time=3.775 ms
从后往前数文件2行直接显示出来:
tail -n 2 baidu.log
从文件的第二行开始显示文件剩余部分:
tail -n +2 baidu.log
Linux wc命令用于计算字数。利用wc指令我们可以计算文件的Byte数、字数、或是列数,不制定文件名或者文件名为“-”,则wc会从标准输入设备读取数据。
usage: wc [-clmw] [file ...]
-c 或--bytes或--chars显示Bytes数:
? ~ cat blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=25.762 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=25.733 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.556 ms
? ~ wc -c blog.log
238 blog.log
显示行数:-l,显示字数或单词数:-w:
? ~ wc -l blog.log
4 blog.log
? ~ wc -w blog.log
30 blog.log
不过以上都可以直接wc filename,输出值的含义对应上面两个例子:
? ~ wc blog.log 4 30 238 blog.log
awk是一种处理文本文件的语言,是一个强大的文本分析工具。
awk [选项参数] ‘script‘ var=value file(s)
或
awk [选项参数] -f scriptfile var=value file(s)
直接看栗子,就不解释了:
? ~ cat blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=25.762 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=25.733 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.556 ms
? ~ awk ‘{print $1 $2}‘ blog.log
PINGwww.cnblogs.com
64bytes
64bytes
64bytes
? ~ awk ‘{print $1 " ->> "$2}‘ blog.log
PING ->> www.cnblogs.com
64 ->> bytes
64 ->> bytes
64 ->> bytes
awk的详情看这里
标签:icmp 机器 颜色 标准输入 结合 表达 buffer 日志 arch
原文地址:http://www.cnblogs.com/zhengbin/p/6131108.html