How to Use Regex Patterns to Find Counters and Logs

Created On 04/24/19 22:45 PM - Last Modified 03/26/21 17:39 PM


Objective


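When reviewing global counters, command output with long listings, or searching logs, it is useful to use regex and concatenation to find the desired patterns.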

Procedure


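STEP 1: Find the increments of two or more specific global counters.

To search for multiple counters within a match statement, enclose the counter patterns in double quotes and separate each counter pattern from the next with \|.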
> show counter global filter delta yes | match "pkt_recv\|flow_health_monitor_rcv"
pkt_recv                                1364       36 info      packet    pktproc   Packets received
pkt_recv_zero                            682       18 info      packet    pktproc   Packets received from QoS 0
flow_health_monitor_rcv                 1364       36 info      flow      mgmt      Health monitoring packet received

> show counter global filter delta yes | match "pkt_recv\|flow_health_monitor_rcv\|flow_health_monitor_xm"
pkt_recv                                1024       28 info      packet    pktproc   Packets received
pkt_recv_zero                            512       14 info      packet    pktproc   Packets received from QoS 0
flow_health_monitor_rcv                 1024       28 info      flow      mgmt      Health monitoring packet received
flow_health_monitor_xmt                 1024       28 info      flow      mgmt      Health monitoring packet transmitted


This can be used for any two or more counter names, for example:
> show counter global filter delta yes | match "flow_fpga_rcv_egr_QM_NH_NF\|flow_fpga_egress_exception_err"

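STEP 2: Find counters incrementing at a specific rate. For example, I want to find global counters that are incrementing at a four-digit rate. Here is what I do:
> show counter global filter delta yes | match drop\|[0-9]\{4\}.[a-z]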


pkt_recv                    1047692   4287 info   packet pktproc   Packets received
pkt_sock_recv               1036310   4240 info   packet pktproc   Packets received at socket …
pkt_sock_drop                   303      1 info   packet pktproc   Packets dropped at socket level…
flow_rcv_err                    372      1 drop   flow   parse     Packets dropped: flow stage receive error
flow_policy_deny                404      1 drop   flow   session   Session setup: denied by policy
flow_fwd_tap_drop            983327   4023 drop   flow   forward   Packets dropped: Tap interface
flow_parse_l4_cksm                1      0 drop   flow   parse     Packets dropped: TCP/UDP checksum failure
flow_ip_cksm_sw_validation  1015433   4155 info   flow   pktproc   Packets for which IP checksum valida…
flow_tcp_cksm_sw_validation  992092   4059 info   flow   pktproc   Packets for which TCP checksum valid…
flow_tcp_cksm_err_sw              1      0 drop   flow   pktproc   Packets for which TCP checksum error…
tcp_drop_packet               30642    125 warn   tcp    pktproc   packets dropped because of failure …
tcp_drop_out_of_wnd             281      1 warn   tcp    resource  out-of-window packets dropped


Counters incrementing at a two-digit rate:
> show counter global filter delta yes | match drop\|[0-9]\{2\}.[a-z]
pkt_recv                                2590       32 info      packet    pktproc   Packets received
pkt_recv_zero                           1282       16 info      packet    pktproc   Packets received from QoS 0
pkt_sent                                2590       32 info      packet    pktproc   Packets transmitted
flow_np_pkt_rcv                         2590       32 info      flow      offload   Packets received from offload processor
flow_np_pkt_xmt                         1282       16 info      flow      offload   Packets transmitted to offload processor
flow_host_pkt_rcv                       1308       16 info      flow      mgmt      Packets received from control plane
flow_host_pkt_xmt                       1282       16 info      flow      mgmt      Packets transmitted to control plane
flow_health_monitor_rcv                 2590       32 info      flow      mgmt      Health monitoring packet received
flow_health_monitor_xmt                 2590       32 info      flow      mgmt      Health monitoring packet transmitted
pkt_flow_np                             1282       16 info      packet    resource  Packets entered module flow stage np
pkt_flow_host                           1308       16 info      packet    resource  Packets entered module flow stage host
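
The match patterns in STEP 2 are unanchored, so `[0-9]\{2\}.[a-z]` also matches rates with more than two digits, and `drop` matches counter names as well as the severity column. As an added example (not part of the original article), this Python sketch parses saved `show counter global filter delta yes` output and filters on the rate column exactly; the column layout is assumed from the sample output above, the CLI pattern is rewritten in Python regex syntax, and the function names are hypothetical.

```python
import re

# Column layout assumed from the sample output on this page:
# name  value  rate  severity  category  aspect  description
LINE_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<value>\d+)\s+(?P<rate>\d+)\s+"
    r"(?P<severity>[a-z]+)\s+(?P<category>\S+)\s+(?P<aspect>\S+)\s+(?P<desc>.*)$"
)

# Sample lines adapted from the outputs on this page (descriptions shortened).
SAMPLE = """\
pkt_recv                    1047692   4287 info   packet pktproc   Packets received
pkt_sock_drop                   303      1 info   packet pktproc   Packets dropped at socket level
flow_policy_deny                404      1 drop   flow   session   Session setup: denied by policy
flow_fwd_tap_drop            983327   4023 drop   flow   forward   Packets dropped: Tap interface
tcp_drop_packet               30642    125 warn   tcp    pktproc   packets dropped because of failure
flow_health_monitor_rcv        2590     32 info   flow   mgmt      Health monitoring packet received
"""

def parse_counters(text):
    """Return one dict per counter line; prompt, header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            row = m.groupdict()
            row["value"] = int(row["value"])
            row["rate"] = int(row["rate"])
            rows.append(row)
    return rows

def cli_match(text, digits):
    # Emulates: match drop\|[0-9]\{N\}.[a-z]  (unanchored substring search per line)
    pat = re.compile(r"drop|[0-9]{%d}.[a-z]" % digits)
    return [l.split()[0] for l in text.splitlines() if pat.search(l)]

def exact_rate(text, digits, severities=("drop",)):
    """Counters whose rate has exactly `digits` digits, or whose severity is listed."""
    lo, hi = 10 ** (digits - 1), 10 ** digits
    return [r["name"] for r in parse_counters(text)
            if lo <= r["rate"] < hi or r["severity"] in severities]
```

Comparing `cli_match(SAMPLE, 2)` with `exact_rate(SAMPLE, 2)` shows which lines the CLI pattern returns only because of the substring match.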

STEP 3: Match two or more patterns on different lines:
> debug system process-info | match Name\|useridd
Name                   PID      CPU%  FDs Open   Virt Mem     Res Mem      State     
useridd                7229     0     23         577036       210924       S

Search for a process and print the timestamps to see the pattern:
> grep pattern "--- processes\|varrcvr" mp-log mp-monitor.log
2019-04-24 13:04:07.107 +0800  --- processes
varrcvr                7380     0     6          601588       44436        S         
varrcvr        	      7380	         0 kB	     44412 kB
2019-04-24 13:07:07.124 +0800  --- processes
varrcvr                7380     0     6          601588       44364        S         
varrcvr        	      7380	         0 kB	     44364 kB
varrcvr        	      7380	         0 kB	     44316 kB
2019-04-24 13:10:07.145 +0800  --- processes
varrcvr                7380     0     6          601588       44292        S         
varrcvr        	      7380	         0 kB	     44268 kB

 

