1. 首页
  2. 问答
  3. Powershell解析XML日志文件&获取当前分析的文件名

Powershell解析XML日志文件&获取当前分析的文件名

2016-01-15 21 views
1

我是新的PowerShell和需要指导。已经在网站上寻找答案并空白,决定改为提问。如果已解答,请转到链接。Powershell解析XML日志文件&获取当前分析的文件名

我有一个应用程序日志(XML格式)象下面这样:

<log><identifier>123axr4x5</identifier><login>USER1</login><source>Order-Management</source><AddlInfo>Execution Time : 20ms</AddlInfo><Exception></Exception><timestamp>01/01/2015:22:00:00</timestamp><serverticks>643670855</serverticks><PID>1234</PID><Machine>PRD01X12mm</Machine></log> 

<log><identifier>dd8jksl3g</identifier><login>USER2</login><source>Service-Assurance</source><AddlInfo>Execution Time : 80ms</AddlInfo><Exception></Exception><timestamp>01/01/2015:22:00:00</timestamp><serverticks>643680865</serverticks><PID>1234</PID><Machine>PRD01X12mm</Machine></log> 
: and so on

我创建一个日志分析器,将扫描的文件夹和其匹配正则表达式模式的子文件夹,并基于特定的阈值,输出到gridview /导出为CSV。我差不多完成了,但是我无法解决1个问题,这是获取文件名目前正在解析,要显示在gridview上。

基本上我使用管道获取-ChildItem如下

Get-ChildItem $Dir -recurse -Filter *logging*.txt| 
Sort-Object LastWriteTime | 
?{$_.LastWriteTime -gt (Get-Date).AddMinutes(-60)}| 
Select-String -Pattern $Text | 
Select-String -Pattern $Text3 | 
Select-String -Pattern $Text2 -allmatches | 
Foreach-Object { 
$information = $_|Select-Object -Property API, Duration,DataRetrieved, ServerTime, ServerTicks , Identifier, Filename 
$information.Filename = $_.Name  
#$information.Filename = $_.FullName 

} | 
Out-GridView

以下是完整代码:

$Dir = "C:\log\" 
$threshold = 1 + 0 

$StartTime = (Get-Date).ToString(); 
$EndTime = (Get-Date).ToString(); 

$Text = "abc" 
$Text2 = "def" 
$Text3 = "ghi" 
$OutFile = "result" 

$OutPath = $Dir + $OutFile + ".txt" 

#ExtractionParameters 
$AddlInnfoTagBegin = "AddlInfo" 
$AddlInnfoTagEnd = "/AddlInfo" 
$ServerTimeOfLogTagBegin = "ServerTimeOfLog" 
$ServerTimeOfLogTagEnd = "/ServerTimeOfLog" 
$ServerTicksTagBegin = "ServerTicks" 
$ServerTicksTagEnd = "/ServerTicks" 
$IdentifierTagBegin = "Identifier" 
$IdentifierTagEnd = "/Identifier" 

#parse file in folders 
Get-ChildItem $Dir -recurse -Filter *logging*.txt| 
Sort-Object LastWriteTime | 
#?{$_.LastWriteTime -gt (Get-Date).AddMinutes(-60)}| 
Select-String -Pattern $Text | 
Select-String -Pattern $Text3 | 
Select-String -Pattern $Text2 -allmatches | 
Foreach-Object { 

    # take line and split it at tabulators 
    $parts = $_.Line 

    #write $parts 
    $indexOfAddlInfoBegin = $parts.IndexOf($AddlInnfoTagBegin) + $AddlInnfoTagBegin.Length +1 
    $indexOfAddlInfoEnd = $parts.IndexOf($AddlInnfoTagEnd) -1 

    $AddlInfoData = $parts.Substring($indexOfAddlInfoBegin, $indexOfAddlInfoEnd - $indexOfAddlInfoBegin) 
    $AddlInfoReplaced = $AddlInfoData.Replace(" seconds ","@") 
    $AddlInfoSplit = $AddlInfoReplaced.Split('@') 
    $information = $_|Select-Object -Property API, Duration,DataRetrieved, ServerTime, ServerTicks , Identifier, Filename 

    #get filename, which does not work 
    $information.Filename = $_.Name 
    #$information.Filename = $_.FullName 

    $information.API = $AddlInfoSplit[0].Split(':')[0] 

    $information.DataRetrieved = $AddlInfoSplit[1] 
    $information.Duration = $AddlInfoSplit[0].Split(':')[1] 
    $information.Duration = $information.Duration.Replace("Execution Time = ","") 

    $indexOfServerTimeBegin = $parts.IndexOf($ServerTimeOfLogTagBegin) + $ServerTimeOfLogTagBegin.Length +1 
    $indexOfServerTimeEnd = $parts.IndexOf($ServerTimeOfLogTagEnd) -1 
    $ServerTimeData = $parts.Substring($indexOfServerTimeBegin, $indexOfServerTimeEnd - $indexOfServerTimeBegin) 
    $information.ServerTime = $ServerTimeData 


    $indexOfServerTicksBegin = $parts.IndexOf($ServerTicksTagBegin) + $ServerTicksTagBegin.Length +1 
    $indexOfServerTicksEnd = $parts.IndexOf($ServerTicksTagEnd) -1 
    $ServerTickData = $parts.Substring($indexOfServerTicksBegin, $indexOfServerTicksEnd - $indexOfServerTicksBegin) 
    $information.ServerTicks = $ServerTickData 

    $indexOfIdentifierBegin = $parts.IndexOf($IdentifierTagBegin) + $IdentifierTagBegin.Length +1 
    $indexOfIdentifierEnd = $parts.IndexOf($IdentifierTagEnd) -1 

    $IdentifierData = $parts.Substring($indexOfIdentifierBegin, $indexOfIdentifierEnd - $indexOfIdentifierBegin) 
    $information.Identifier = $IdentifierData 

    $DurationAsInt = 0 + $information.Duration 
    if($DurationAsInt -gt $threshold) { 
    write $information 
    } 
} | 
Out-GridView 
#Out-File -FilePath $OutPath -Append -Width 200

任何帮助表示赞赏,感谢!

-CL

来源

2016-01-15 clt1983

回答

1

您正在查找的房产是“FileName”。

$information.Filename = $_.FileName

PowerShell的提供了cmdlet的“获取会员”,这将列出所有可用的属性/方法。你可以枚举成员来安慰和检查什么是可用的

Write-Host ($_ | Get-Member)

来源

2016-01-15 17:32:19 Baski

+0

感谢巴斯基!很高兴知道Get-Member cmdlet,再次感谢! – clt1983

相关问题

 相关问题