How To Use grep Command In Linux / UNIX
In Linux we have used to many commands on day to day operation, but some commands are quit common that every type of Users. Grep is same type of command which almost used through every users. Grep command is used to filter or find text from a file or command output which has many lines of text and we only like to see few lines which contain few specific text or some reg-ex, we earlier also wrote one post on how to work grep with regex SO in this post we will see How To Use grep Command In Linux/UNIX with its various options
So let’s start with some grep command examples
Search lines contain text
To search string in lines of files.
▶ grep ssirohi /etc/passwd ssirohi:x:1000:1000:ssirohi,,,:/home/ssirohi:/bin/bash
Search for complete word
Sometime we have to search for complete world not like string middle of another word.
▶ grep -w sh /etc/passwd ishu:x:1001:1001::/home/ishu:/bin/sh arpwatch:x:130:144:ARP Watcher,,,:/var/lib/arpwatch:/bin/sh
How to search those lines that don’t contain mentioned string.
# ps aux | grep -v root USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND rpc 1235 0.0 0.0 18980 892 ? Ss 20:57 0:00 rpcbind rpcuser 1257 0.0 0.0 23352 1380 ? Ss 20:57 0:00 rpc.statd dbus 1646 0.0 0.0 21572 996 ? Ss 20:58 0:00 dbus-daemon --system 68 1684 0.0 0.2 38128 4636 ? Ssl 20:58 0:00 hald 68 1726 0.0 0.0 18000 1140 ? S 20:58 0:00 hald-addon-acpi: listening on acpi kernel interface /proc/acpi/event 498 2346 0.0 0.6 93188 11912 ? Ss 20:58 0:00 /usr/libexec/pacemaker/cib 498 2349 0.0 0.1 87744 3844 ? Ss 20:58 0:00 /usr/libexec/pacemaker/attrd 498 2350 0.0 0.9 102928 19492 ? Ss 20:58 0:00 /usr/libexec/pacemaker/pengine
We can also do multiple search through egrep or with -e options in grep like below
▶ grep -e ssirohi -e ishu /etc/passwd ssirohi:x:1000:1000:ssirohi,,,:/home/ssirohi:/bin/bash ishu:x:1001:1001::/home/ishu:/bin/sh ~ ▶ egrep "ssirohi|ishu" /etc/passwd ssirohi:x:1000:1000:ssirohi,,,:/home/ssirohi:/bin/bash ishu:x:1001:1001::/home/ishu:/bin/sh
Search for case insensitive
In grep we can search for like for any case (Upper or Lower) that will make easy to search when in text file or command output has some text that has some pattern with different case like below
[root@srv1 ~]# grep -i samba /usr/share/doc/samba-common-3.6.23/README This is the release version of Samba, the free SMB and CIFS client and server for UNIX and other operating systems. Samba is maintained by the Samba Team, who support the original author, Andrew Tridgell. >>>> about the configuration and use of Samba. docs/htmldocs/Samba3-HOWTO/install.html is called. For details watch http://samba.org/cifs. WHAT CAN SAMBA DO?
So in above output, we have samba word , which comes in samba, Samba and SAMBA (In upper and lower case). This is quit easy way to search for case insensitive.
Count of search
Through grep command we can find how many type particular word used in file or command output.
[root@srv1 ~]# grep -c -i samba /usr/share/doc/samba-common-3.6.23/README 41 [root@srv1 ~]# grep -c samba /usr/share/doc/samba-common-3.6.23/README 18
Recursive search in directory
Grep has features to search pattern recursively in directory and its sub-directories like below.
[root@srv1 etc]# grep -r 192.168.123.170 . ./hosts:192.168.123.170 srv1 ./sysconfig/network-scripts/ifcfg-eth0:IPADDR="192.168.123.170"
I mostly used list options with recursive, which used to display file names not line contain pattern, which make easy to investigate it later.
[root@srv1 etc]# grep -rl 192.168.123.170 . ./hosts ./sysconfig/network-scripts/ifcfg-eth0
Grep in OutPut
We can use all grep options with any of command output through pipe like below, this make easy to search in command output and find relevant data out of command output, see an example below
[root@srv1 etc]# netstat -ntlp| grep mysql tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2165/mysqld tcp 0 0 0.0.0.0:3307 0.0.0.0:* LISTEN 2152/mysqld tcp 0 0 0.0.0.0:3308 0.0.0.0:* LISTEN 2176/mysqld tcp 0 0 0.0.0.0:3309 0.0.0.0:* LISTEN 2185/mysqld
In above i used to try search listening mysql port on my machine through netstat command, although we can search it manually in big output it helps a lot like below
▶ dmidecode -t memory| egrep "Size|^Type:|^\sLocator:|^\sSpeed:" Size: 8192 MB Locator: DIMM A Speed: 1600 MT/s Size: 8192 MB Locator: DIMM B Speed: 1600 MT/s
In Above output i tried to get some valuable data for my lappy through dmidecode command, but i only like to get specific values not all chunk of data which is irrelevant to me, so i used some regex with grep command to get valuable data only.