有时在进行服务器日志分析的时候,大部分的信息都是无价值的,有规律的的出现。都在日志文件中出现的话,影响观察,会把真正有价值的记录掩盖。
简单的查找或,替换有时也不能解决问题,正则匹配的替换写着也累,写错的几率也比较大。日志记录一般也有时间信息,行与行还不同。比如:
Jul 18 08:54:22 localhost snmpd[19422]: Received SNMP packet(s) from UDP: [192.168.100.188]:57796
Jul 18 08:54:22 localhost snmpd[19422]: Connection from UDP: [192.168.100.188]:45420
Jul 18 08:54:22 localhost snmpd[19422]: Received SNMP packet(s) from UDP: [192.168.100.188]:45420
Jul 18 08:54:22 localhost snmpd[19422]: Connection from UDP: [192.168.100.188]:33679
Jul 18 08:54:22 localhost snmpd[19422]: Received SNMP packet(s) from UDP: [192.168.100.188]:33679
Jul 18 08:54:22 localhost snmpd[19422]: Connection from UDP: [192.168.100.188]:51202
Jul 18 08:54:22 localhost snmpd[19422]: Received SNMP packet(s) from UDP: [192.168.100.188]:51202
Jul 18 08:54:22 localhost snmpd[19422]: Connection from UDP: [192.168.100.188]:33769
Jul 18 08:54:22 localhost snmpd[19422]: Received SNMP packet(s) from UDP: [192.168.100.188]:33769
Jul 18 08:54:22 localhost snmpd[19422]: Connection from UDP: [192.168.100.188]:43985
还有一些并无规律,但我们可以以存在某些关键词为由进行排除。
研究了下UltrlEdit的脚本功能,发现还蛮方便的。比如实现“查找如果存在某字符,就删掉此行“ 的功能。
只需以下几行代码:
var str = UltraEdit.getString("What string do you want to find?",1);
UltraEdit.document[0].bottom(); //跳转到文件结尾。
var num = UltraEdit.document[0].currentLineNum; //得到当前行号
UltraEdit.document[0].top(); //跳转到文件头
var x = num;
while (x > 0) {
UltraEdit.document[0].findReplace.find(str);
UltraEdit.document[0].selectLine();
if (UltraEdit.document[0].isFound() == true) {
UltraEdit.document[0].deleteLine();
}
x--;
}
存为clearline.js