Can someone help me separate a log file into a separate file for each hour & day?

I want a script to extract logs from a file xyz.rawlog, then create a xyz directory full of files named:

我想要一个脚本从文件xyz.rawlog中提取日志，然后创建一个xyz目录，其中包含名为的文件：

Arp-14-00.rawlog
Apr-14-01.rawlog
Full example: 
~/xyz/Apr-14-02.rawlog

One possible issue: Log lines may have the leading 0 in the day field, or it may be spaced out.

一个可能的问题：日志行可能在日期字段中具有前导0，或者它可以间隔开。

Example:
Apr 01 12:
Apr  1 12:

Sample Logs:

示例日志：

Apr 14 02:35:33 DC501.xx.org/10.1.7.145/1.13.136.2 MSWinEventLog,4,Security,3959142,Tue Apr 14 02:35:32 2015,4769,Microsoft-Windows-Security-Auditing,XX.ORG\PereyrR1@XX.ORG,N/A,Success Audit,DC501.xx.org,Kerberos Service Ticket Operations,,A Kerberos service ticket was requested. Account Information: Account Name: PereyrR1@XX.ORG Account Domain: XX.ORG Logon GUID: {2F6FCDED-FBA0-DBF5-88D2-0B048E612E21} Service Information: Service Name: AHCTXXML501$ Service ID: ... –  Joshua C. 44 mins ago  

Apr 14 04:32:16 1232-devr01/127.0.0.1/1.14.0.65 kernel: iptables:IN= OUT=upstream1 SRC=2.7.1.238 DST=207.188.35.17 EN=52 TOS=0x00 PREC=0x00 TTL=64 ID=2574 DF PROTO=TCP SPT=34030 DPT=61613 WINDOW=112 RES=0x00 ACK PSH FIN URGP=0 –

This is how I want the command syntax.

这就是我想要的命令语法。

 ~/Logsplit.sh xyz

Working Script:

工作脚本：

#/bin/bash
mkdir $1
awk -v fpath="$1" -F":" '{ 
    filename = fpath "/" gensub("[ ]+", "-", "g", $1) ".rawlog"; 
    print >> filename
}' $1.rawlog

exit;

2 个解决方案

#1

If I did understand correctly your question, you want to split content by date, where the full line of content is to be inserted in that new file. You can do something like:

如果我确实理解了您的问题，您希望按日期拆分内容，其中整行内容将插入该新文件中。你可以这样做：

mkdir $1
awk -v fpath="$1" -F":" '{ 
    filename = fpath "/" gensub("[ ]+", "-", "g", $1) ".rawlog"; 
    print >> filename
}' $1.rawlog

#2

This should do:

这应该做：

awk -F: '{split($1,a," ");print $1 > a[1]"_"a[2]+0"_"a[3]+0".log"}' *.rawlog

#1