Grep
Why is this command not sorting based on the uniq count?
I have lines like the following in a log:
2015/11/02-07:55:39.735 INFO failed with ERR_AUTHORIZATION_REQUIRED. (10.10.10.11:61618) is not a trusted source.
2015/11/02-07:55:40.515 INFO failed with ERR_AUTHORIZATION_REQUIRED. (10.10.10.11:51836) is not a trusted source.
2015/11/02-07:55:39.735 INFO failed with ERR_AUTHORIZATION_REQUIRED. (10.10.10.10:61615) is not a trusted source.
2015/11/02-07:55:40.515 INFO failed with ERR_AUTHORIZATION_REQUIRED. (10.10.10.10:51876) is not a trusted source.
2015/11/02-07:55:39.735 INFO failed with ERR_AUTHORIZATION_REQUIRED. (10.10.10.10:61614) is not a trusted source.
2015/11/02-07:55:39.735 INFO failed with ERR_AUTHORIZATION_REQUIRED. (10.10.10.15:61614) is not a trusted source.
2015/11/02-07:55:39.735 INFO failed with ERR_AUTHORIZATION_REQUIRED. (10.10.10.15:61618) is not a trusted source.
2015/11/02-07:55:39.735 INFO failed with ERR_AUTHORIZATION_REQUIRED. (10.10.10.15:61613) is not a trusted source.
So I tried the following command to get the count for each unique IP, sorted:
grep ERR_AUTHORIZATION_REQUIRED file.log | awk '{print $6}' | cut -s -d ':' -f1 | tr -d '(' | sort | uniq -c
The output I get looks like this:
3 10.10.10.10
2 10.10.10.11
3 10.10.10.15
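So it's like the IPs are being sorted before uniq -c is applied (which makes sense given the command), but if I swap the uniq and sort commands, each IP is printed with a count of 1.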
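From the uniq man page:
DESCRIPTION
Discard all but one of successive identical lines from INPUT (or standard input), writing to OUTPUT (or standard output).
The key word here is "successive". It does not search for duplicates anywhere in the stream, only those that immediately follow. Sorting forces all duplicates next to each other, so they can be removed (and counted).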
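The behaviour described in the answer, as an added example that is not part of the original question or answer: the same extraction pipeline run with and without the first sort, plus a second sort that orders the result by count. The function names and the interleaved sample log are constructed for illustration.

```shell
#!/bin/sh
export LC_ALL=C   # deterministic sort order across locales

# Constructed sample in the question's log format; sources are interleaved
# so that no two consecutive lines share an IP.
sample_log() {
    for src in 10.10.10.11:61618 10.10.10.10:61615 10.10.10.15:61614 \
               10.10.10.10:51876 10.10.10.11:51836 10.10.10.15:61618 \
               10.10.10.10:61614 10.10.10.15:61613; do
        echo "2015/11/02-07:55:39.735 INFO failed with ERR_AUTHORIZATION_REQUIRED. ($src) is not a trusted source."
    done
}

# Pull the source IP out of each rejected-connection line (stdin -> stdout).
# Same extraction steps as the command in the question.
extract_ips() {
    grep ERR_AUTHORIZATION_REQUIRED | awk '{print $6}' | cut -s -d ':' -f1 | tr -d '('
}

# uniq -c with no prior sort: only successive identical lines are merged,
# so interleaved sources each come out with a count of 1.
count_adjacent_only() {
    extract_ips | uniq -c | awk '{print $1, $2}'
}

# sort first so duplicates become adjacent, count them, then sort again:
# numerically descending on the count, ties broken by IP string.
count_by_source() {
    extract_ips | sort | uniq -c | awk '{print $1, $2}' | sort -k1,1nr -k2,2
}

echo "uniq -c without sorting first:"
sample_log | count_adjacent_only
echo "sort | uniq -c | sort by count:"
sample_log | count_by_source
```

The first sort exists only to make duplicates adjacent for uniq; ordering by count always needs the second sort, because uniq -c emits groups in input order.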