linux 日志查询

tail -n 400 logname | grep "AAA"

 

grep 简单使用

 

 

 

1.把要查询的行写到文本里面去：

grep WXCP IC.NotifyIndexServer_filter_succ_20180412.log > a.txt

 

 

2.超时log查询：

cat IC.IndexServer_req_20190225.log |awk -F'|' '{print $6}'|awk -F'm' '{if ($1 > 3000) print $1}' > chaoshi.log 

打印最后一列的数据： awk -F'|' '{print $NF}'

是字符串比较的话，要加双引号：

　　awk -F 'm' '{if ($1 == "aaa") print $1}' 

 

3.统计日志中某字符串出现次数并倒序排列（awk + uniq + sort）：

参见：https://blog.csdn.net/qq_28766327/article/details/78069989

cat IC.IndexServer_req_20190314.log | awk -F'|' '{print $5}' | awk -F'_' '{print $1}' | sort | uniq -c | sort -nr > count.log

排序结果：

第一列是计数，第二列是查询的字符串

 

4.统计日志中的总成交金额

algo_spi.cpp:OnRtnAlgoBusTradeInfo:238:fund_id:10100003156 fund_type:1 algo_instance_id:7463402491145683259 order_ref:135 security_id:159993 market_id:2 order_side:2 price_type:1 order_price:1.1280 order_qty:99900 order_id:110001089 order_mid_id:G0324695 exec_id:G0324695_2_736371779420869 trade_price:1.1280 trade_qty:99900 trade_time:1779426600　

less sell_trade.log | awk -F'trade_price:' '{print $2}' | awk -F'trade_time' '{print$1}' |awk -F' trade_qty:' '{total+=$1*$2} END { printf "%.6f\n", total }' > total_sell.log

 

5.按券统计成交金额

awk '
{
    sid=0; side=0; price=0; qty=0;
    for (i=1;i<=NF;i++) {
        split($i, a, ":");
        if (a[1]=="security_id") sid=a[2];
        if (a[1]=="order_side")  side=a[2];
        if (a[1]=="trade_price") price=a[2]+0;
        if (a[1]=="trade_qty")   qty=a[2]+0;
    }
    if (sid && (side==1||side==2) && price && qty) {
        if (side==1) buy[sid]  += price*qty;
        if (side==2) sell[sid] += price*qty;
    }
}
END {
    printf "%-12s,%15s,%15s,%15s\n","security_id","buy_cost","sell_income","profit";
    for (s in buy)
        printf "%-12s,%15.2f,%15.2f,%15.2f\n", s, buy[s], sell[s]+0, sell[s]-buy[s];
}
' all_trade.log | column -t > all_profit.log