Grep

From Network Security Wiki

Basics

Match regular expression in files

grep "lines.*empty" demo_file
Character Function
? The preceding item is optional and matched at most once.
* The preceding item will be matched zero or more times.
+ The preceding item will be matched one or more times.
{n} The preceding item is matched exactly n times.
{n,} The preceding item is matched n or more times.
{,m} The preceding item is matched at most m times.
{n,m} The preceding item is matched at least n times, but not more than m times.


One-Liners

Case insensitive search

grep -i "the" demo_file

Checking for full words, not for sub-strings

grep -iw "is" demo_file

Display N lines after, before, around match

grep -A 3 -i "example" demo_text      # After Match
grep -B 2 "single WORD" demo_text     # Before Match
grep -C 2 "Example" demo_text         # Around Match

Color Filtered Output

grep "Gecko" /data --color=always

Highlighting the search using GREP_OPTIONS

export GREP_OPTIONS='--color=auto' GREP_COLOR='100;8'

Recursive Search

grep -r "test" *

Recursively but ignore binary files

grep -rI "test" someDir/

Invert match

grep -v "go" demo_text

Display the lines which does not matches all the given pattern

grep -v -e "a" -e "b" -e "c" test-file.txt

How many lines matches the given pattern

grep -c "go" demo_text

How many lines that does not match the pattern

grep -v -c this demo_file

Display only the file names which matches the given pattern

grep -l this demo_*

Show only the matched string

grep -o "is.*line" demo_file

Show line number while displaying the output

grep -n "go" demo_text

Filter comments from a config file

grep -vE '^#|^;|^$' server.conf

Search for "virus" in all files in a dir

grep virus /etc/snort/rules/* 

Search this or that using Extended Regex

grep -E '(then|there)' demo_text

Search this or that without Extended Regex

grep '\(then\|there\)' demo_text

Search this or that grouping not necessary

grep 'then\|there' demo_text

Search this or that grouping required

grep 'the\(n\|re\)' demo_text

Search Email addresses using regex

grep -E -o "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b" filename.txt

Grep from compressed files

zgrep -I "free space" ./messages*

Print lines which begin with "foo" and end in "bar"

grep "^foo.*bar$" file.txt

Filter the Filtered output:

grep "test" file.txt | grep -v "pass"

Search for the string and not the regex:

fgrep "foobar" file.txt
grep -F "foobar" file.txt




{{#widget:DISQUS |id=networkm |uniqid=Grep |url=https://aman.awiki.org/wiki/Grep }}