Im trying to get a value (IP address) from a W3C logfile (kinda like a text file). This is what I have so far but with no luck:
我试图从W3C日志文件(有点像文本文件)获取值(IP地址)。这是我到目前为止,但没有运气:
Set filename=ex%date:~-2,4%%date:~-10,2%%date:~-7,2%.log
For /F "tokens=2 delims=: . " %%A in ('E:\WINDOWS\system32\LogFiles\MSFTPSVC6141885\%filename%') do (Set ip=%%A)
and the log file looks like:
并且日志文件如下所示:
# Software: Microsoft Internet Information Services 6.0 # Version: 1.0 #Date: 2009-01-10 20:58:16 #Fields: time c-ip cs-method cs-uri-stem sc-status sc-win32-status #20:58:16 10.10.1.111 [25]USER anonymous 331 0
so the IP adress is on the 5th line second column (10.10.1.111)
所以IP地址在第5行第二栏(10.10.1.111)
any feedback would be appreciated!
对于任何反馈,我们都表示感谢!
2 个解决方案
#1
Have you tried Microsoft Log Parser? Supposedly it supports W3C-style log files out-of-the-box. I don't know what you're trying to do, but it might be easier than hand-crafting a batch file.
你试过Microsoft Log Parser吗?据说它支持开箱即用的W3C风格的日志文件。我不知道你要做什么,但它可能比手工制作批处理文件更容易。
Alternatively, install AWK (e.g. from Cygwin). Or even Perl -- this is its raison-d'etre.
或者,安装AWK(例如来自Cygwin)。甚至是Perl--这是它的存在理由。
#2
Change your for line to this:
将您的换行更改为:
For /F "skip=4 tokens=2" %%A in (E:\WINDOWS\system32\LogFiles\MSFTPSVC6141885\%filename%) do (
Set ip=%%A
goto :DONE
)
:DONE
@echo IP = %ip%
:: Continue script
skip=4 will ignore the first four lines of the log file and start parsing the 5th. You need the goto to stop from parsing the rest of the lines in the file, otherwise you'll spin through the whole file and ip would equal the second token of the last line, which may or may not be the IP address.
skip = 4将忽略日志文件的前四行并开始解析第五行。您需要goto停止解析文件中的其余行,否则您将遍历整个文件并且ip将等于最后一行的第二个令牌,其可能是也可能不是IP地址。
The default delimiter is space, so you don't need to change this with a delims arg. You do want just the second token, which is the IP address.
默认分隔符是空格,因此您无需使用delims arg更改此分隔符。您只需要第二个令牌,即IP地址。
You don't need to enclose the filename in single quotes, since you're parsing the contents of the file, not the filename string. If the filename has embedded spaces you would have to use this for line instead:
您不需要将文件名括在单引号中,因为您正在解析文件的内容,而不是文件名字符串。如果文件名有嵌入空格,则必须使用此行代替:
For /F "usebackq skip=4 tokens=2" %%A in ("E:\WINDOWS\system32\LogFiles\MSFTPSVC6141885\%filename%") do (
#1
Have you tried Microsoft Log Parser? Supposedly it supports W3C-style log files out-of-the-box. I don't know what you're trying to do, but it might be easier than hand-crafting a batch file.
你试过Microsoft Log Parser吗?据说它支持开箱即用的W3C风格的日志文件。我不知道你要做什么,但它可能比手工制作批处理文件更容易。
Alternatively, install AWK (e.g. from Cygwin). Or even Perl -- this is its raison-d'etre.
或者,安装AWK(例如来自Cygwin)。甚至是Perl--这是它的存在理由。
#2
Change your for line to this:
将您的换行更改为:
For /F "skip=4 tokens=2" %%A in (E:\WINDOWS\system32\LogFiles\MSFTPSVC6141885\%filename%) do (
Set ip=%%A
goto :DONE
)
:DONE
@echo IP = %ip%
:: Continue script
skip=4 will ignore the first four lines of the log file and start parsing the 5th. You need the goto to stop from parsing the rest of the lines in the file, otherwise you'll spin through the whole file and ip would equal the second token of the last line, which may or may not be the IP address.
skip = 4将忽略日志文件的前四行并开始解析第五行。您需要goto停止解析文件中的其余行,否则您将遍历整个文件并且ip将等于最后一行的第二个令牌,其可能是也可能不是IP地址。
The default delimiter is space, so you don't need to change this with a delims arg. You do want just the second token, which is the IP address.
默认分隔符是空格,因此您无需使用delims arg更改此分隔符。您只需要第二个令牌,即IP地址。
You don't need to enclose the filename in single quotes, since you're parsing the contents of the file, not the filename string. If the filename has embedded spaces you would have to use this for line instead:
您不需要将文件名括在单引号中,因为您正在解析文件的内容,而不是文件名字符串。如果文件名有嵌入空格,则必须使用此行代替:
For /F "usebackq skip=4 tokens=2" %%A in ("E:\WINDOWS\system32\LogFiles\MSFTPSVC6141885\%filename%") do (