解析自定义日志文件

Question

我有一个日志文件(*.log)我想解析和查询如下:

Line 33043: 17/07/2016;13:26:45;GetMasterOrderNo;Master Order No is :  1117103907 for SoSupplierOrderNo, 1117103907
Line 33048: 17/07/2016;13:26:45;AddAutoPurchHdr;Could not save PurchHdr record - The supplier order number has already been used in Delivery Note No.1117103907 (Order No.1117103907), Supplier SupplierName(51)
Line 33049: 17/07/2016;13:26:45;ImportASN;ConvertASNFiles: Failed to import GRN1171_0000700384_1117103907.xml.  Could not save PurchHdr record - The supplier order number has already been used in Delivery Note No.1117103907 (Order No.1117103907), Supplier SupplierName(51)

我想要做的是用标题分割每一行,如下所示:

• 线,
• 日期,
• 时间,
• 类型,
• 描述

...所以我可以对此进行查询.

这样做的最佳方式是什么？

Answer 1

您可以使用正则表达式捕获这些字段:

$content = Get-Content 'your_log_path' -raw
$regex = 'Line\s+(\d+):\s+([^;]+);([^;]+);([^;]+);(.+)'
[regex]::Matches($content, $regex) | ForEach-Object {
    [PsCustomObject]@{
        Line = $_.Groups[1].Value
        Date = $_.Groups[2].Value
        Time = $_.Groups[3].Value
        Type = $_.Groups[4].Value
        Description = $_.Groups[5].Value
    }
}

输出:

Line        : 33043
Date        : 17/07/2016
Time        : 13:26:45
Type        : GetMasterOrderNo
Description : Master Order No is :  1117103907 for SoSupplierOrderNo, 1117103907

Line        : 33048
Date        : 17/07/2016
Time        : 13:26:45
Type        : AddAutoPurchHdr
Description : Could not save PurchHdr record - The supplier order number has already been used in Delivery Note No.1117103907 (Order No.1117103907), Supplier SupplierName(51)

Line        : 33049
Date        : 17/07/2016
Time        : 13:26:45
Type        : ImportASN
Description : ConvertASNFiles: Failed to import GRN1171_0000700384_1117103907.xml.  Could not save PurchHdr record - The supplier order number has already been used in Delivery Note 
              No.1117103907 (Order No.1117103907), Supplier SupplierName(51)

正则表达式:

Line\s+(\d+):\s+([^;]+);([^;]+);([^;]+);(.+)

Answer 2

对马丁非常好的答案有点了解.[PSCustomObject]构造在powershell v2主机上不起作用.

$content = Get-Content 'your_log_path' -raw
$regex = 'Line\s+(\d+):\s+([^;]+);([^;]+);([^;]+);(.+)'
[regex]::Matches($content, $regex) | ForEach-Object {
    $obj = New-Object PSObject
    $obj | Add-Member -MemberType NoteProperty -Name Line -Value $_.Groups[1].Value
    $obj | Add-Member -MemberType NoteProperty -Name Date -Value $_.Groups[2].Value
    $obj | Add-Member -MemberType NoteProperty -Name Time -Value $_.Groups[3].Value
    $obj | Add-Member -MemberType NoteProperty -Name Type -Value $_.Groups[4].Value
    $obj | Add-Member -MemberType NoteProperty -Name Description -Value $_.Groups[5].Value
    $obj
}