獲取特定單詞和以下文本

輸入文件

Mar 21 13:25:04 ip-172-2-0-53 sendmail[5857]: v2LKMUDq005855: to=<dirdel@gmail.com>,<jhk@hotmail.com>, delay=00:02:34, xdelay=00:02:34, mailer=esmtp, pri=151745, relay=icadmed-com.mail.p...ction.googlemail.com. [xxx.xx.xxx.xxx], dsn=2.0.0, stat=Sent (<5c847a983008319fdd71bc81b60daef7@dmgnc.radionhub.com> [InternalId=76295799050449, Hostname=BY1PR0701MB1752.namprd07.prod.gmail.com] 8962 bytes in 0.961, 9.102 KB/sec Queued mail for delivery)
Mar 21 11:34:55 ip-172-2-0-53 sendmail[5478]: v2LIXc00005476: to=<delivery@gmail.com>, delay=00:01:17, xdelay=00:01:17, mailer=esmtp, pri=120883, relay=gmail-com.mail.p...ction.googlemail.com. [xxx.xx.xxx.xx], dsn=2.0.0, stat=Sent (<7bb6f30a4ba05ffab3bad46b7a51620b@roshdieh.radionhub.com> [InternalId=79285096289546, Hostname=CY1PR07MB1448.namprd07.prod.googlemail.com] 8049 bytes in 0.226, 34.732 KB/sec Queued mail for delivery)
Mar 20 13:45:16 ip-172-2-0-53 sendmail[1295]: v2KKfjCN001293: to=<abc@yahoo.com>, delay=00:03:31, xdelay=00:03:31, mailer=esmtp, pri=120883, relay=mta5.am0.yahoodns.net. [xx.xxx.xx.xx], dsn=2.0.0, stat=Sent (ok dirdel)
Mar 20 08:54:57 ip-172-2-0-53 sendmail[32712]: v2KFss7V032710: to=<xyz@hotmail.com>, delay=00:00:03, xdelay=00:00:03, mailer=esmtp, pri=120892, relay=mx4.hotmail.com. [xxx.xxx.xx.xxx], dsn=2.0.0, stat=Sent ( <fbdaef9668d4308008be663d52cf2c8d@isc.radionhub.com> Queued mail for delivery)

和每條線路的預期輸出我檢測到延遲超過 1 分鐘

sendmail[5857]: delay=00:02:34 Hostname=BY1PR0701MB1752.namprd07.prod.gmail.com]
sendmail[5478]: delay=00:01:17 Hostname=CY1PR07MB1448.namprd07.prod.googlemail.com]
sendmail[1295]: delay=00:03:31

如何使用 shell 腳本解決這個問題？

這不再是 sed 選項。您必須解析字元串 where time is 00:01:00，00:10:00或01:00:07計算超過 60 秒。

我想出了一個awk文件

{ result = "" ;
  for (i=1;i<=NF;i++) {
    if ( $i ~ /^delay=/ ) {
      s=split(substr($i,6) ,A,":") ;
      t=60*A[1]+A[2] ;
      #printf "%2d : %d mn (60x%s+%s) : %s\n",i,t,A[1],A[2],$i ;
      if ( !t  ) next ;
      result = $i ;
    }
    if ( $i ~ /^Hostname/ ) result = result $i ;

 }
 if ( result != "" ) print result ;
}

一些提示：

• ( $i ~ /^foo/ )將第 i 個欄位與 foo 匹配（^：模式開始）
• split(substr($i,6) ,A,":")在數組 A 中拆分 H:M:S 部分
• A = B C: 將字元串 B 和 C 連接到 A

今天的範例給出了（u作為您的文件名，u.awk作為保存 awk 程序的文件）

awk -f u.awk u
delay=00:02:34, Hostname=BY1PR0701MB1752.namprd07.prod.gmail.com]
delay=00:01:17, Hostname=CY1PR07MB1448.namprd07.prod.googlemail.com]
delay=00:03:31,

引用自：https://unix.stackexchange.com/questions/354821