问题描述
首先,因为这是我在这里的第一个问题,我希望我不要搞砸了。这是我第一次使用 Powershell,所以我很迷茫。
30.11.2020 05:05:39 SMTP Server: (Servername) (255.255.255.255) disconnected. 1 message[s] received
30.11.2020 05:05:39 SMTP Server: (Servername) (255.255.254.254) disconnected. 2 message[s] received
30.11.2020 05:05:39 SMTP Server: (Servername) (255.255.255.255) disconnected. 4 message[s] received
30.11.2020 05:05:39 SMTP Server: (Servername) (255.255.234.245) disconnected. 4 message[s] received
30.11.2020 05:05:40 SMTP Server: (Servername) (255.255.253.244) disconnected. 1 message[s] received
30.11.2020 05:05:41 SMTP Server: (Servername) (255.255.255.255) disconnected. 46 message[s] received
30.11.2020 05:05:41 SMTP Server: (Servername) (255.255.234.245) disconnected. 13 message[s] received
所以我的目标是,创建 hastable $SMTP
,它自动将密钥设置为 IP(日志文件中有几个不同的),然后为收到的每条消息计算值。
我想我现在了解了哈希表的基本知识以及如何手动设置每个键和值,但我确信必须有一种方法可以自动执行此操作。
在这一点上我不知道如何继续,我将不胜感激。
真诚的旅行
解决方法
我将使用 -match
正则表达式比较运算符来捕获每一行的 IP 地址和消息计数:
# Create hashtable
$SMTP = @{}
# Iterate over log lines
Get-Content path\to\file.log |ForEach-Object {
if($_ -match '\(((?:\d{1,3}\.){3}\d{1,3})\) disconnected. (\d+) message\[s\]'){
# extract captured substrings
$IP = $matches[1]
$msgCount = $matches[2] -as [int]
# update hashtable
$SMTP[$IP] += $msgCount
}
}