Command "Grep" is something we do require executing in our daily task. What is does is to grep or capture a specific word from file and display.
Used Cases :
1) Suppose we want to find out at how many times word "root" is present in file "passwd".
[administrator1@RedHat7 ~]$ grep root /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
[administrator1@RedHat7 ~]$ grep ntp /etc/passwd
ntp:x:38:38::/etc/ntp:/sbin/nologin
2) Now what if, apart from number of lines word "root" appears we also want to know the sequence number of line in file.
use "n" to find out sequence number
[administrator1@RedHat7 ~]$ grep -n ntp /etc/passwd
22:ntp:x:38:38::/etc/ntp:/sbin/nologin -⇾ line number 22
[administrator1@RedHat7 ~]$ grep -n root /etc/passwd
1:root:x:0:0:root:/root:/bin/bash
10:operator:x:11:0:operator:/root:/sbin/nologin
Note : Search is case-sensitive so if you look with "Root" no result will be displayed
[administrator1@RedHat7 ~]$ grep -n Root /etc/passwd (no output)
We can ask a system to ignore case-sensitive by adding "i" in syntax
[administrator1@RedHat7 ~]$ grep -ni Root /etc/passwd
1:root:x:0:0:root:/root:/bin/bash
10:operator:x:11:0:operator:/root:/sbin/nologin
3) If you want to find out how many times and at what lines the word "root" is present then use "o".
[administrator1@RedHat7 ~]$ grep -nio Root /etc/passwd
1:root
1:root
1:root
10:root
Conclusion : Word "root" is present 3 times in line one and one time in line 10.
4) Now suppose you want to find a line starting with the word "root" then use carot sign (^) in front of root.
[administrator1@RedHat7 ~]$ grep -ni ^Root /etc/passwd
1:root:x:0:0:root:/root:/bin/bash
5) If you want a line ending with a certain word then use "$" at the end of the word.
[administrator1@RedHat7 ~]$ grep -ni nologin$ /etc/passwd
2:bin:x:1:1:bin:/bin:/sbin/nologin
3:daemon:x:2:2:daemon:/sbin:/sbin/nologin
6) If you want to filter multiple words in a file then you require using enhanced grep.
[administrator1@RedHat7 ~]$ egrep -ni "Root|Administrator1" /etc/passwd
1:root:x:0:0:root:/root:/bin/bash
2:bin:x:1:1:bin:/bin:/sbin/nologin
24:administrator1:x:1000:1000::/home/administrator1:/bin/bash
7) How to use grep command to filter the logs for a specific time say ""Jan 13 06:"".
[root@RedHat7 log]# grep "Jan 13 06:" messages
Jan 13 06:00:01 RedHat7 systemd: Created slice User Slice of root.
Jan 13 06:00:01 RedHat7 systemd: Started Session 2205 of user root.
Jan 13 06:00:01 RedHat7 systemd: Removed slice User Slice of root
[root@RedHat7 log]# grep "Jan 13 06:00" messages
Jan 13 06:00:01 RedHat7 systemd: Created slice User Slice of root.
Jan 13 06:00:01 RedHat7 systemd: Started Session 2205 of user root.
Jan 13 06:00:01 RedHat7 systemd: Removed slice User Slice of root.
[root@RedHat7 log]# grep "Jan 13 06:01" messages
Jan 13 06:01:01 RedHat7 systemd: Created slice User Slice of root.
Jan 13 06:01:01 RedHat7 systemd: Started Session 2206 of user root.
Jan 13 06:01:01 RedHat7 systemd: Removed slice User Slice of root.
8) To find particular word from all folder use "R" : Find word "administrator1" from folder /etc
[root@RedHat7 ~]# grep -iR administrator1 /etc
/etc/group:administrator1:x:1000:
/etc/gshadow:administrator1:!::
/etc/passwd:administrator1:x:1000:1000::/home/administrator1:/bin/bash
/etc/passwd-:administrator1:x:1000:1000::/home/administrator1:/bin/bash
Comments