我有很多这种格式的文件日志:
[Windows user ] Pâmela
[Host name ] DV6000
[Local time ] 14:25:07
[System time ] 17:25:07
[ASCWebBrowser info] 1.1.1
[Last Write Time ] 07/19/2016 14:01
[HD Info ] Volume name: , Serial: 1713925408, File System: NTFS, Max Component Length: 255
[Network Info
[Index ] 48
[Type ] 1
[Description ] TAP-Win32 Adapter OAS #6
[Name ] {343D77F2-B3CE-414B-AE01-E248D3FC85F6}
[Ip address ] 169.254.92.162
[MAC Address ] 00-FF-34-3D-77-F2
[Gateway ] 0.0.0.0
[Mask ] 255.255.0.0
[Index ] 38
[Type ] 1
[Description ] TAP-Windows Adapter V9 #6
[Name ] {C81FC3F7-19F9-44DD-9470-4982F48A141D}
[Ip address ] 169.254.96.118
[MAC Address ] 00-FF-C8-1F-C3-F7
[Gateway ] 0.0.0.0
[Mask ] 255.255.0.0
[Index ] 36
[Type ] 1
[Description ] TAP-Win32 Adapter OAS #5
[Name ] {72115AC7-4EE2-4CB3-A8D2-
]
我需要将每一行转换成一列。如您所见,有 1 个或多个网络信息。那将是一张子表,其余的都是父表。我已经通过 Hive 阅读了这个日志,但我现在仍然停留在如何旋转/转置它上。
到目前为止,我已经尝试了以下方法:
DataFrame 枢轴。没办法,因为需要聚合。DataFrame 枢轴。它提示索引重复。相同的信息可以出现在不同的日志中,因此唯一唯一的是文件名。 加入。尝试使用文件名作为连接列进行自连接,但它会生成笛卡尔结果。 RowNumber 是由 dense_rank) 在 fname 上生成的列。问题是对于每个 IP,它都连接到每个描述,而不仅仅是相同的描述。因此,对于 2 个 IP,它为每个掩码创建 4 行,8 行,依此类推。
select coalesce(hn.value, "No_Name") as hostname, d.value as decription,
g.value as gateway,i.value as "index", p.value as IP, mc.value as MAC,
m.value as Mask, n.value as "Name", t.value as "Type"
from net_asclogs_p hn left join net_asclogs_p d on hn.fname=d.fname and d.rownumber= 1
left join net_asclogs_p g on hn.fname=g.fname and g.rownumber=2
left join net_asclogs_p i on hn.fname=i.fname and i.rownumber=4
left join net_asclogs_p p on hn.fname=p.fname and p.rownumber=5
left join net_asclogs_p mc on hn.fname=mc.fname and mc.rownumber=6
left join net_asclogs_p m on hn.fname=m.fname and m.rownumber=7
left join net_asclogs_p n on hn.fname=n.fname and n.rownumber=8
left join net_asclogs_p t on hn.fname=t.fname and t.rownumber=9
where hn.rownumber=3;
尝试了 Brickhouse 的 Collect,但它只带来了最后一条记录,而不是全部。
尝试了 RegexSerde,但我确定我在这里没有得到任何东西,因为所有字段都是空的:
CREATE EXTERNAL TABLE IF NOT EXISTS asclogs1 (host string, index string)
ROW FORMAT SERDE 'org.apache.hadoop.hive.serde2.RegexSerDe' WITH SERDEPROPERTIES
( "input.regex" = "Host name\\s{2,}\\]\\s(\\w+)|Index\\s{2,}\\]\\s(\\w+).*",
"output.format.string" = "%1$s %2$s" )
STORED AS TEXTFILE LOCATION 'hdfs:///asclogs/'
好吧,我没主意了。最后的办法是用 Java 编写自定义类。有其他选择吗?
最佳答案
create external table log (key string,val string)
row format serde 'org.apache.hadoop.hive.serde2.RegexSerDe'
with serdeproperties ("input.regex" = "\\s*\\[(.*?)\\s*(?:\\]|$)\\s*(.*)")
;
select * from log
;
+--------------------+---------------------------------------------------------------------------------+
| key | val |
+--------------------+---------------------------------------------------------------------------------+
| Windows user | Pâmela |
| Host name | DV6000 |
| Local time | 14:25:07 |
| System time | 17:25:07 |
| ASCWebBrowser info | 1.1.1 |
| Last Write Time | 07/19/2016 14:01 |
| HD Info | Volume name: , Serial: 1713925408, File System: NTFS, Max Component Length: 255 |
| Network Info | |
| Index | 48 |
| Type | 1 |
| Description | TAP-Win32 Adapter OAS #6 |
| Name | {343D77F2-B3CE-414B-AE01-E248D3FC85F6} |
| Ip address | 169.254.92.162 |
| MAC Address | 00-FF-34-3D-77-F2 |
| Gateway | 0.0.0.0 |
| Mask | 255.255.0.0 |
| (null) | (null) |
| Index | 38 |
| Type | 1 |
| Description | TAP-Windows Adapter V9 #6 |
| Name | {C81FC3F7-19F9-44DD-9470-4982F48A141D} |
| Ip address | 169.254.96.118 |
| MAC Address | 00-FF-C8-1F-C3-F7 |
| Gateway | 0.0.0.0 |
| Mask | 255.255.0.0 |
| (null) | (null) |
| Index | 36 |
| Type | 1 |
| Description | TAP-Win32 Adapter OAS #5 |
| Name | {72115AC7-4EE2-4CB3-A8D2- |
| (null) | (null) |
+--------------------+---------------------------------------------------------------------------------+
select max (Windows_user) as Windows_user
,max (Host_name) as Host_name
,max (Local_time) as Local_time
,max (System_time) as System_time
,max (ASCWebBrowser_info) as ASCWebBrowser_info
,max (Last_Write_Time) as Last_Write_Time
,max (HD_Info) as HD_Info
,collect_list
(
case when nwi_seq > 0 then
named_struct
(
'Index' ,Index
,'Type' ,Type
,'Description' ,Description
,'Name' ,Name
,'Ip_address' ,Ip_address
,'MAC_Address' ,MAC_Address
,'Gateway' ,Gateway
,'Mask' ,Mask
)
end
) as Network_Info
from (select ifn
,log_seq
,nwi_seq
,max (case when nwi_seq = 0 and key = 'Windows user' then val end) as Windows_user
,max (case when nwi_seq = 0 and key = 'Host name' then val end) as Host_name
,max (case when nwi_seq = 0 and key = 'Local time' then val end) as Local_time
,max (case when nwi_seq = 0 and key = 'System time' then val end) as System_time
,max (case when nwi_seq = 0 and key = 'ASCWebBrowser info' then val end) as ASCWebBrowser_info
,max (case when nwi_seq = 0 and key = 'Last Write Time' then val end) as Last_Write_Time
,max (case when nwi_seq = 0 and key = 'HD Info' then val end) as HD_Info
,max (case when nwi_seq > 0 and key = 'Index' then val end) as Index
,max (case when nwi_seq > 0 and key = 'Type' then val end) as Type
,max (case when nwi_seq > 0 and key = 'Description' then val end) as Description
,max (case when nwi_seq > 0 and key = 'Name' then val end) as Name
,max (case when nwi_seq > 0 and key = 'Ip address ' then val end) as Ip_address
,max (case when nwi_seq > 0 and key = 'MAC Address' then val end) as MAC_Address
,max (case when nwi_seq > 0 and key = 'Gateway' then val end) as Gateway
,max (case when nwi_seq > 0 and key = 'Mask' then val end) as Mask
from (select key
,val
,ifn
,log_seq
,count(case when key = 'Index' then 1 end) over
(
partition by ifn,log_seq
order by boif
) as nwi_seq
from (select key
,val
,input__file__name as ifn
,block__offset__inside__file as boif
,count(case when key = 'Windows user' then 1 end) over
(
partition by input__file__name
order by block__offset__inside__file
) as log_seq
from log
) l
) l
group by ifn
,log_seq
,nwi_seq
) l
group by ifn
,log_seq
;
+--------------+-----------+------------+-------------+--------------------+-------------------+---------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| windows_user | host_name | local_time | system_time | ascwebbrowser_info | last_write_time | hd_info | network_info |
+--------------+-----------+------------+-------------+--------------------+-------------------+---------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Pâmela | DV6000 | 14:25:07 | 17:25:07 | 1.1.1 | 07/19/2016 14:01 | Volume name: , Serial: 1713925408, File System: NTFS, Max Component Length: 255 | [{"index":"48","type":"1","description":"TAP-Win32 Adapter OAS #6","name":"{343D77F2-B3CE-414B-AE01-E248D3FC85F6}","ip_address":null,"mac_address":"00-FF-34-3D-77-F2","gateway":"0.0.0.0","mask":"255.255.0.0"},{"index":"38","type":"1","description":"TAP-Windows Adapter V9 #6","name":"{C81FC3F7-19F9-44DD-9470-4982F48A141D}","ip_address":null,"mac_address":"00-FF-C8-1F-C3-F7","gateway":"0.0.0.0","mask":"255.255.0.0"},{"index":"36","type":"1","description":"TAP-Win32 Adapter OAS #5","name":"{72115AC7-4EE2-4CB3-A8D2-","ip_address":null,"mac_address":null,"gateway":null,"mask":null}] |
+--------------+-----------+------------+-------------+--------------------+-------------------+---------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
关于python - 在 hive 或 pyspark 中透视日志,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44558044/
关闭。这个问题是opinion-based.它目前不接受答案。想要改进这个问题?更新问题,以便editingthispost可以用事实和引用来回答它.关闭4年前。Improvethisquestion我想在固定时间创建一系列低音和高音调的哔哔声。例如:在150毫秒时发出高音调的蜂鸣声在151毫秒时发出低音调的蜂鸣声200毫秒时发出低音调的蜂鸣声250毫秒的高音调蜂鸣声有没有办法在Ruby或Python中做到这一点?我真的不在乎输出编码是什么(.wav、.mp3、.ogg等等),但我确实想创建一个输出文件。
这个问题在这里已经有了答案:关闭10年前。PossibleDuplicate:Pythonconditionalassignmentoperator对于这样一个简单的问题表示歉意,但是谷歌搜索||=并不是很有帮助;)Python中是否有与Ruby和Perl中的||=语句等效的语句?例如:foo="hey"foo||="what"#assignfooifit'sundefined#fooisstill"hey"bar||="yeah"#baris"yeah"另外,类似这样的东西的通用术语是什么?条件分配是我的第一个猜测,但Wikipediapage跟我想的不太一样。
什么是ruby的rack或python的Java的wsgi?还有一个路由库。 最佳答案 来自Python标准PEP333:Bycontrast,althoughJavahasjustasmanywebapplicationframeworksavailable,Java's"servlet"APImakesitpossibleforapplicationswrittenwithanyJavawebapplicationframeworktoruninanywebserverthatsupportstheservletAPI.ht
华为OD机试题本篇题目:明明的随机数题目输入描述输出描述:示例1输入输出说明代码编写思路最近更新的博客华为od2023|什么是华为od,od薪资待遇,od机试题清单华为OD机试真题大全,用Python解华为机试题|机试宝典【华为OD机试】全流程解析+经验分享,题型分享,防作弊指南华为o
我想解析一个已经存在的.mid文件,改变它的乐器,例如从“acousticgrandpiano”到“violin”,然后将它保存回去或作为另一个.mid文件。根据我在文档中看到的内容,该乐器通过program_change或patch_change指令进行了更改,但我找不到任何在已经存在的MIDI文件中执行此操作的库.他们似乎都只支持从头开始创建的MIDI文件。 最佳答案 MIDIpackage会为您完成此操作,但具体方法取决于midi文件的原始内容。一个MIDI文件由一个或多个音轨组成,每个音轨是十六个channel中任何一个上的
本文主要介绍在使用Selenium进行自动化测试或者任务时,对于使用了iframe的页面,如何定位iframe中的元素文章目录场景描述解决方案具体代码场景描述当我们在使用Selenium进行自动化测试的时候,可能会遇到一些界面或者窗体是使用HTML的iframe标签进行承载的。对于iframe中的标签,如果直接查找是无法找到的,会抛出没有找到元素的异常。比如近在咫尺的例子就是,CSDN的登录窗体就是使用的iframe,大家可以尝试通过F12开发者模式查看到的tag_name,class_name,id或者xpath来定位中的页面元素,会抛出NoSuchElementException异常。解决
2022/8/4更新支持加入水印水印必须包含透明图像,并且水印图像大小要等于原图像的大小pythonconvert_image_to_video.py-f30-mwatermark.pngim_dirout.mkv2022/6/21更新让命令行参数更加易用新的命令行使用方法pythonconvert_image_to_video.py-f30im_dirout.mkvFFMPEG命令行转换一组JPG图像到视频时,是将这组图像视为MJPG流。我需要转换一组PNG图像到视频,FFMPEG就不认了。pyav内置了ffmpeg库,不需要系统带有ffmpeg工具因此我使用ffmpeg的python包装p
目录第1题连续问题分析:解法:第2题分组问题分析:解法:第3题间隔连续问题分析:解法:第4题打折日期交叉问题分析:解法:第5题同时在线问题分析:解法:第1题连续问题如下数据为蚂蚁森林中用户领取的减少碳排放量iddtlowcarbon10012021-12-1212310022021-12-124510012021-12-134310012021-12-134510012021-12-132310022021-12-144510012021-12-1423010022021-12-154510012021-12-1523.......找出连续3天及以上减少碳排放量在100以上的用户分析:遇到这类
ValidPalindromeGivenastring,determineifitisapalindrome,consideringonlyalphanumericcharactersandignoringcases. [#125]Example:"Aman,aplan,acanal:Panama"isapalindrome."raceacar"isnotapalindrome.Haveyouconsiderthatthestringmightbeempty?Thisisagoodquestiontoaskduringaninterview.Forthepurposeofthisproblem
是否可以在PyYAML或Ruby的Psych引擎中禁用创建anchor和引用(并有效地显式列出冗余数据)?也许我在网上搜索时遗漏了一些东西,但在Psych中似乎没有太多可用的选项,而且我也无法确定PyYAML是否允许这样做.基本原理是我必须序列化一些数据并将其以可读的形式传递给一个不是真正的技术同事进行手动验证。有些数据是多余的,但我需要以最明确的方式列出它们以提高可读性(anchor和引用是提高效率的好概念,但不是人类可读性)。Ruby和Python是我选择的工具,但如果有其他一些相当简单的方法来“展开”YAML文档,它可能就可以了。 最佳答案