powershell - Search for certain strings in a file, without looping through the content twice -


i have list of log files, these log files created every day @ 00:00:00, each day gets logged in seperate log file. 4 log files 4 different reasons created everyday, , have loop on them , select error messages.

the log files have following structure:

07.11.2016 12:00:41  flag: mandant=1, modul=v, pool=5 07.11.2016 12:00:41  verarbeiten: m1, v, pool 5, dok 526198(), doktyp 3, skript bu-co110.ff, drucker 97 07.11.2016 12:00:41  fataler fehler saldocpoolitem_process(5,): err-226/ver-dokument  nicht gefunden:           0  07.11.2016 12:00:57  flag: mandant=1, modul=v, pool=5 07.11.2016 12:00:57  verarbeiten: m1, v, pool 5, dok 526198(), doktyp 3, skript bu-co110.ff, drucker 97 07.11.2016 12:00:57  fataler fehler saldocpoolitem_process(5,): err-226/ver-dokument  nicht gefunden:           0  07.11.2016 12:01:13  flag: mandant=1, modul=v, pool=5 07.11.2016 12:01:13  verarbeiten: m1, v, pool 5, dok 526198(), doktyp 3, skript bu-co110.ff, drucker 97 07.11.2016 12:01:13  fataler fehler saldocpoolitem_process(5,): err-226/ver-dokument  nicht gefunden:           0

as can see theres message "fataler fehler" on bottom of each block, need whole block array, , send "fataler fehler" blocks of log files in simple e-mail.

now have code, code either has mistake, or needs more 10 minutes execute, since ran 5 minutes before starting write question, , it's still not finished.

goal: have blocks in $failarray variable

can tell me better way achieve goal? don't using get-content twice because feel it's not necessary, i'm sure there's better solution mine:

# prepare array $failarray = @()  # search log files $a = gci "c:\path" -filter *.log | ? { $_.lastwritetime -ge (get-date).adddays('-1') }  # loop on log files $a | % {     # there errors in log?     $x = get-content $_.fullname | ? { $_ -like "*fehler*" }     # if there errors in block, "time stamp" of block, 12:00:57     if ($x) { $y = $x | % { $_.split(' ')[1] } } else { return }     # search whole block, depending on timestamp     $z = get-content $_.fullname | ? { $_ -like "*$y*" }     # add found blocks failarray     $failarray += $z }

more: sometimes, first message of block has timestamp 1 second different others - possible still whole block somehow? (just nice have, not necessary)

07.11.2016 12:00:24  flag: mandant=1, modul=v, pool=5 07.11.2016 12:00:25  verarbeiten: m1, v, pool 5, dok 526198(), doktyp 3, skript bu-co110.ff, drucker 97 07.11.2016 12:00:25  fataler fehler saldocpoolitem_process(5,): err-226/ver-dokument  nicht gefunden:

you can use -context parameter , select 2 lines above match + actual match:

$failarray = gci "c:\path" -filter *.log | ? { $_.lastwritetime -ge (get-date).adddays('-1') } | % {    select-string -path  $_ -pattern 'fataler fehler' -context 2,0 | foreach {$_.context.precontext; $_.line} }

Comments

Post a Comment

Popular posts from this blog

aws api gateway - SerializationException in posting new Records via Dynamodb Proxy Service in API -

i getting "__type": "com.amazon.coral.service#serializationexception" as reply in postman & in test console in api gateway trying post record directly dynamodb using api proxy services.. referring aws article - https://aws.amazon.com/blogs/compute/using-amazon-api-gateway-as-a-proxy-for-dynamodb/ here's mapping { "tablename": "tablenamegoeshere", "item": { "id" : "$context.requestid" "eventname" : "$input.path('$.eventname')", "timestamp" : $input.path('$.timestamp'), "answers": "$util.parsejson($input.path('$.answers'))" } } update: did asked ... , worked if try add array of json objects gives me above same error - here's trying now. please - couldnt find on google well #set($inputroot = $input.path('$')) { "tablename": "answer", "item": {
Read more

asp.net - Problems sending emails from forum -

i have been redesigning site has message board, has been written guy looked after site. it has few problems , written in .asp , uses .mdb files database. you can see whole thing here . feel free post if helps, test thing have set using original files , new database. the basic problem when posts message, supposed email sent them, have posted it. when replies, originator supposed message, replier has been posted. i’d have thought @ point in process there should script/file in postmessage.asp? the postmessage.asp page below. <% option explicit %> <!-- #include virtual="common/adovbs.inc" --> <html> <head> <meta http-equiv="content-type" content="text/html; charset=windows-1252"> <meta name="generator" content="microsoft frontpage 4.0"> <meta name="progid" content="frontpage.editor.document"> <title>new page 2</title> <base target="_self"
Read more