题
I'm dealing with a problem that i don't know if is possible to solve this way, hope you can help me, Let's see:
I'm using Monit to monitor some log files, and i want it to look for a certain expression, but I only want a positive match if that expression appears more than, let's say 3 times.
The log file in question looks like this:
https://stackoverflow.com/questions/15393281
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] [SEVERE] :: Exception was caught: Could not bind to port.. Exiting.
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] [SEVERE] :: Exception was caught: Could not bind to port.. Exiting.
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] [SEVERE] :: Exception was caught: Could not bind to port.. Exiting.
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] Configurator :: FillSensor()
[2013/03/12-16:07:06] [SEVERE] :: Exception was caught: Could not bind to port.. Exiting.
[2013/03/12-16:07:06] Configurator :: FillSensor()
And I'm looking for the "[SEVERE]" expression.
I want a match if that expression appears more than 3 times.
I know that .*\[SEVERE\].* gives me all the lines matching that expression, but I want to only match if that number of lines is 3 or more. Is there a way to do it with regular expressions? Or an alternative to do it with Monit perhaps?
解决方案
If you can access your log files in a capable shell:
[ $(cat LOG.txt | grep "\[SEVERE\]" | wc -l) -ge 3 ]
This pipes the file's contents to grep which searches for lines that contain "[SEVERE]" then wc counts the number of lines and the expression returns 0 if the number of lines is greater than or equal to 3.
