高级解析cmd的日志文件

Question

我需要解析cmd中的日志文件（通过使用find或findstr命令）才能获取特定的记录。该日志文件的

实施例：

[2017-04-10 10:53:58.597] [info ] [settings ] [ 1052: 1012] paths.ini_store configuration is empty, settings ini store folder to asw::instup::GetDataDirectory. 
[2017-04-10 10:53:58.597] [info ] [crashguard ] [ 1052: 1012] CrashGuard global exception handler installed 
[2017-04-10 10:53:58.738] [debug ] [lim_base ] [ 1052: 3560] Alpha's version:'1 
[2017-04-10 10:53:58.738] [info ] [lim_base ] [ 1052: 3560] Alpha settings - enabled:'1' 
[2017-04-10 10:54:35.118] [debug ] [lim_av  ] [ 1052: 4960] ALPHA PROTO: 
                   'walletKey: "XXXXX-YYYYY-ZZZZZZ" 
                   ' 
[2017-04-10 10:54:35.196] [debug ] [aswlog  ] [ 1052: 4524] c:\windows\system32\fundisc.dll 
[2017-04-10 10:54:35.212] [info ] [lim_av  ] [ 1052: 4960] IQS - response 
[2017-04-10 10:54:35.227] [debug ] [aswlog  ] [ 1052: 4524] c:\windows\system32\fvecerts.dll 
[2017-04-10 10:54:35.227] [debug ] [lim_burg ] [ 1052: 4960] IqsInfo 
[2017-04-10 10:54:35.227] [debug ] [lim_burg ] [ 1052: 4960] ALPHA PROTO: 
                   'token: "ea0989e5-acdc-4cf6-ba1c-e9bdad98b7ce" 
                   wallet_key: "XXXXX-YYYYY-ZZZZZZ" 
                   data: SOME_DATA 
                   success: true 
                   ' 
[2017-04-10 10:56:05.986] [debug ] [settings ] [ 1052: 2444] Property 'avdef://config/Custody/Enabled' has no entry in defaults map. 
[2017-04-10 10:56:06.018] [debug ] [settings ] [ 1052: 2444] Property 'avdef://config/Custody/Enabled' has no entry in defaults map. 

我需要有在输出（控制台或文件输出）如下：

1. 含有 “[LIM” 字符串整个记录（这是超级简单，但..）
2. 部分位于“PROTO:”和下一个记录开始[2017..

，以便为上面的例子应该给我：

[2017-04-10 10:53:58.738] [debug ] [lim_base ] [ 1052: 3560] Alpha's version:'1 
[2017-04-10 10:53:58.738] [info ] [lim_base ] [ 1052: 3560] Alpha settings - enabled:'1' 
[2017-04-10 10:54:35.118] [debug ] [lim_av  ] [ 1052: 4960] ALPHA PROTO: 
                   'walletKey: "XXXXX-YYYYY-ZZZZZZ" 
                   ' 
[2017-04-10 10:54:35.212] [info ] [lim_av  ] [ 1052: 4960] IQS - response 
[2017-04-10 10:54:35.227] [debug ] [lim_burg ] [ 1052: 4960] IqsInfo 
[2017-04-10 10:54:35.227] [debug ] [lim_burg ] [ 1052: 4960] ALPHA PROTO: 
                   'token: "ea0989e5-acdc-4cf6-ba1c-e9bdad98b7ce" 
                   wallet_key: "XXXXX-YYYYY-ZZZZZZ" 
                   data: SOME_DATA 
                   success: true 
                   ' 

我用Google搜索，并调整如下：

@echo off > newfile & setLocal enableDELAYedeXpansioN 
set H= 
set T= 
for /f "tokens=1* delims=" %%a IN ('find /n /i "PROTO:" service.log') do (
    echo.%%a 
    set H=%%a 
    for /f "tokens=1* delims=" %%a in ('find /n /i "'" service.log') do (
    set T=%%a 
    ) 
    for /f "tokens=1* delims= " %%a in ('find /n /v "[2017" service.log') do (
    if %%a gtr !H! if %%a lss !T! echo.%%b 
) 
) 

但正如我需要的，它不工作，我会感谢您的帮助。谢谢！

Answer 1

@echo off 
setlocal 

rem Reading from input file, call :processFile subroutine and create output file 
call :processFile <service.log> newfile.txt 
goto :EOF 


:processFile 

rem Read lines until find "[lim" string 
set /P "line=" 
if errorlevel 1 exit /B 
:checkLine 
if "%line:[lim=%" equ "%line%" goto processFile 

rem Output this line 
echo %line% 

rem Check if this line have "PROTO:" string 
if "%line:PROTO:=%" equ "%line%" goto processFile 

rem Output next lines until find "[2017" string at beginning 
:nextLine 
set /P "line=" 
if errorlevel 1 exit /B 
if "%line:~0,5%" equ "[2017" goto checkLine 
echo %line% 
goto nextLine