嗨,我似乎无法弄清楚如何从日志文件中提取日期和 PID。 我正在尝试显示日期,然后显示 pid,如下所示。但它不会显示 PID,只显示日期。
请查看我的代码:
def show_time_of_pid(line):
pattern = r"^([\w+]*[\s\d\:]+.[\[(\d+)\]])"
result = re.search(pattern, line)
return result
print(show_time_of_pid("Jul 6 14:01:23 computer.name CRON[29440]: USER (good_user)")) # Jul 6 14:01:23 pid:29440
<re.Match object; span=(0, 14), match='Jul 6 14:01:23'>
我很期待
Jul 6 14:01:23 pid:29440我明白了
<re.Match object; span=(0, 14), match='Jul 6 14:01:23'> **NO PID DISPLAYED我可能会写这样的东西:
def show_time_of_pid(line):
pattern = r"^(\w{3}) \s (\d+) \s ([\d:]+) \s .[^[]+\[(\d+)]:.*"
result = re.search(pattern, line, flags=re.VERBOSE)
return result.groups()
print(show_time_of_pid("Jul 6 14:01:23 computer.name CRON[29440]: USER (good_user)"))
使用
re.VERBOSE(\w{3})(\d+)([\d:]+)[^[]+\[(\d+)][[]每组之间用空格分隔 (
\s运行上面的代码会产生:
('Jul', '6', '14:01:23', '29440')
你可以更喜欢外部捕获组;通过写作:
import re
def show_time_of_pid(line):
pattern = r"^((\w{3}) \s (\d+) \s ([\d:]+)) \s .[^[]+\[(\d+)]:.*"
result = re.search(pattern, line, flags=re.VERBOSE)
return result.groups()
print(show_time_of_pid("Jul 6 14:01:23 computer.name CRON[29440]: USER (good_user)"))
我们在第一个捕获组中获取整个日期字符串:
('Jul 6 14:01:23', 'Jul', '6', '14:01:23', '29440')
当然,我们可以通过使用命名捕获组取回带标签的字典,而不仅仅是列表:
import re
def show_time_of_pid(line):
pattern = r"^(?P<timestamp>(?P<month>\w{3}) \s (?P<day>\d+) \s ([\d:]+)) \s .[^[]+\[(?P<pid>\d+)]:.*"
result = re.search(pattern, line, flags=re.VERBOSE)
return result.groupdict()
print(show_time_of_pid("Jul 6 14:01:23 computer.name CRON[29440]: USER (good_user)"))
产生:
{'timestamp': 'Jul 6 14:01:23', 'month': 'Jul', 'day': '6', 'pid': '29440'}