🖥️grep
➡️This is a command-line reference manual for commands and command combinations that you don’t use often enough to remember it. This cheatsheet explains the grep command with important options and switches using examples.
23 minute read
▁ ▂ ▃ ▄ ꧁ 🔴☠ COMMANDLINE-KUNGFU WITH CHEATSHEETS ☠🔴꧂▅ ▃ ▂ ▁
# ██████╗ ██████╗ ███████╗██████╗
# ██╔════╝ ██╔══██╗██╔════╝██╔══██╗
# ██║ ███╗██████╔╝█████╗ ██████╔╝
# ██║ ██║██╔══██╗██╔══╝ ██╔═══╝
# ╚██████╔╝██║ ██║███████╗██║
# ╚═════╝ ╚═╝ ╚═╝╚══════╝╚═╝
grep
Global regular expression print
The grep command comes from the command used by the ed program (a simple and venerable Unix text editor) to print all lines matching a certain pattern:
g/re/p
For more, see About grep
# Search a file for a pattern
grep pattern file
# Case insensitive search (with line numbers)
grep -in pattern file
# Recursively grep for string <pattern> in folder:
grep -R pattern folder
# Read search patterns from a file (one per line)
grep -f pattern_file file
# Find lines NOT containing pattern
grep -v pattern file
# You can grep with regular expressions
grep "^00" file #Match lines starting with 00
grep -E "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" file #Find IP add
# Find all files which match {pattern} in {directory}
# This will show: "file:line my research"
grep -rnw 'directory' -e "pattern"
# Exclude grep from your grepped output of ps.
# Add [] to the first letter. Ex: sshd -> [s]shd
ps aux | grep '[h]ttpd'
# Colour in red {bash} and keep all other lines
ps aux | grep -E --color 'bash|$'
grep -e 'foo.*bar' -e 'bar.*foo' file
# Multiple search expressions can be provided by grep through multiple -e. Good for cases when a single regex can't d
# grep for minus (-) sign - Use flag "--" to stop switch parsing
grep -- -
# Sample output
tree -aicfnF --timefmt %d-%b-%y|grep -- -Nov-|sort -n
# [04-Nov-19] ./Notes/phone/pasted_image026.png
# [05-Nov-19] ./Notes/phone/
# [05-Nov-19] ./Notes/phone/pasted_image027.png
# [05-Nov-19] ./Notes/phone/pasted_image028.png
# [05-Nov-19] ./Notes/phone.txt
# [14-Nov-19] ./Notes/elektronika/
# [14-Nov-19] ./Notes/elektronika/pasted_image125.png
# [14-Nov-19] ./Notes/elektronika.txt
# [21-Nov-19] ./Notes/555/
# [21-Nov-19] ./Notes/555/pasted_image011.png
# [21-Nov-19] ./Notes/555/pasted_image012.png
# [21-Nov-19] ./Notes/555/pasted_image013.png
# [21-Nov-19] ./Notes/555.txt
# [24-Nov-19] ./Notes/MW/
#==============================##==============================#
# CMD GREP, pgrep, egrep, ngrep, fgrep #
#==============================##==============================#
#####################################################################################################################################
########################
10 ways to use Grep command in Unix - examples
# Following examples on grep command in UNIX are based on my experience and I use them on a daily basis in my work. Grep command is also part of any beginners UNIX command tutorial as it is an essential command to learn in order to work efficiently in any UNIX environment e..g Redhat Linux, Ubuntu, IBM AIX, Oracle Solaris or BSD. Anyway these examples are by no means complete so please contribute your grep command tips or how you are using grep in Linux to make it more useful and allow all of us to benefit from each others experience and work efficiently in UNIX or Linux.
10 ways to use GREP command in UNIX
# Example 1: How to ignore some words while doing search using grep in UNIX
# Finding relevant word and exclusion of irrelevant word. Most of the time I look for Exception and Errors in log files and sometimes I know certain Exception I can ignore so I use grep -v option to exclude those Exceptions
grep Exception logfile.txt | grep -v ERROR
# This grep command example will search for word "Exception" in logfile.txt and print them but since we have piped out of first grep command to second grep command which will exclude all lines which match world "ERROR". To make this grep example more concrete let's see another example, here we have a file which contains three lines as shown below:
cat example.txt
UNIX operating system
UNIX and Linux operating system
Linux operation system
# Now we want to search all lines in file example.txt which contains word UNIX but same time doesn't contain world Linux.
grep UNIX example.txt
UNIX operating system
UNIX and Linux operating system
# Now to exclude all lines which contain Linux we will apply another grep command in this output with option -v to exclude matching word as shown in below grep command:
grep UNIX example.txt | grep -v Linux
UNIX operating system
# Example 2: How to count occurrence of a word in a file using grep command
# If you want to count on a particular word in the log file you can use grep -c option to count the word. Below an example of command will print how many times word "Error" has appeared in logfile.txt.
grep -c "Error" logfile.txt
# If we apply this grep command on our example file to find how many lines contains word e.g. UNIX has occurred in the file:
grep -c UNIX example.txt
2
# Example 3: printing lines before and after of matching word using grep
# Sometimes we are not just interested in matching line but also on lines around matching lines particularly useful to see what happens before any Error or Exception. grep --context option allows us to print lines around matching pattern. Below example of grep command in UNIX will print 6 lines around matching line of word "successful" in logfile.txt
grep --context=6 successful logfile.txt
# Show additional six lines after matching very useful to see what is around and to print the whole message if it splits around multiple lines. You can also use command line option "C" instead of "--context" for example
grep -C 2 'hello' *
# Prints two lines of context around each matching line.
# Example 4: How to search pattern using egrep and regular expression
# stands for extended grep and it is more powerful than grep command in Unix and allows more regular exception like you can use "|" option to search for either Error or Exception by executing just one command.
egrep 'Error|Exception' logfile.txt
# Example 5: How to do case insensitive searching using grep in Linux
# If you want to do case insensitive search then use -i option from grep command in UNIX. grep -i command will find an occurrence of both Error, error and ERROR and quite useful to display any sort of Error from the log file.
grep -i Error logfile
# Example 6: How to search patterns in gzip files using zgrep command
# zgrep is another great version of grep command in Unix which is used to perform the same operation as grep does but with .gz files. Many times we gzip the old file to reduce the size and later wants to look or find something on those files. zgrep is your man for those days. Below command will print all files which have "Error" on them.
zgrep -i Error *.gz
# Example 7: How to search the whole word in a file using grep command
# You can use grep -w command in UNIX to find the whole word instead of a just pattern, as shown in the following the example. This example will only print lines from logfile.txt which contains full word ERROR.
grep -w ERROR logfile.txt
# Above grep command in UNIX searches only for instances of 'ERROR' that are entire words; it does not match `SysERROR'.
# For more control, use `\<' and `\>' to match the start and end of words. For example:
grep 'ERROR>' *
# Searches only for words ending in 'ERROR', so it matches the word `SysERROR'.
# Example 8: UNIX command to display files names which contain given word
# Another useful grep command line option is "grep -l" which display only the file names which match the given pattern. Below command will only display file names which have ERROR?
grep -l ERROR *.log
# grep -l 'main' *.java will list the names of all Java files in the current directory whose contents mention `main'.
# Example 9: grep command option to display lines numbers
# If you want to see line number of matching lines you can use the option "grep -n" below command will show on which lines Error has appeared.
grep -n ERROR log file.
# Example 10: How to do recursive search in a directory using grep in UNIX
# If you want to do a recursive search using grep command in Unix there are two options either use "-R" command line option or increase directory one by one as shown below.
grep -R store *
# This command will search for directory or file with the name stored in the current directory and it's all sub-directory.
# Now I have two bonus examples of grep command in UNIX:
# 11) grep command in UNIX can show matching pattern in color which is quite useful to highlight the matching section, to see matching pattern in color use below command.
grep Exception today.log --color
# You can also create alias grep='grep --color' in your bash_profile file to avoid typing --color every time.
# 12) There are three versions of grep command in UNIX "grep, fgrep, and egrep". `fgrep' stands for Fixed `grep', `egrep' Extended `grep'
#############################
grep -i s2enc /etc/vcac/server.xml | sed -e 's/.* password=\"\([^\"]*\)\".*/\1/' | xargs -n 1 vcac-config prop-util -d --p 2>/dev/null; echo
# Get the password for PostgreSQL backend db for VMware vRA
grep -h
# Suppress file name when searching over multiple files
grep -c
# Count the number of matches of a regex in each file
grep -v
#List lines that do NOT match a regular expression
grep -l
#List files containing a match for a regular expression
grep -v (inverse) ==> pgrep -v ==> pkill -v,
# The command option heritage is - where it doesn not make sense except maybe: pkill -v -u root
grep -o '<[^@]\+@[^>]\+>'|wc -l
# In mutt, pipe msg to this to count of addresses that where in the To line of that email.
grep -oP '(?<=www\.)\s?[^\/]*' file | uniq
# Get all domains from html
grep -ao "[/\\]" /dev/urandom|tr -d \\n
# 39 character infinite ASCII maze generator.
grep 1.2.3.4 /var/log/httpd/access_log{.2,.1,}
# Where log directory is not world readable, brace expansion helps when a wildcard can't
grep -R "phrase" ./mydir/*.txt
# ur doin it wrong! its this way only http://betterthangrep.com/
grep -P -o '(?<=href=")http:\S+(?=")' *.html
# Use perl regex (negative look-behind/look-ahead assertions) to get URLs.
# grep for 'alpha', but only in files that also contain 'beta':
grep -n alpha $(grep -Irl beta *)
grep -lr "^Subject: test " Maildir/{cur,new} |xargs rm -v 2>&1 |tee delete.log
# BTW, if I ran the mail server this was on, I would run this.
grep -Ev "((accept|drop|reject)log|ftpd)" /var/log/messages | less
# Yes! You can do nested grouping in extended regexes.
grep -e Document -e person@domain multilinelist.txt |grep -B1 person@domain
# Show just the Documents followed by person@domain
grep -io "cyber" | wc -l
# How many times did they say cyber? Just select all in your browser copy and paste into this command to find out.
grep -h "POST /.*wp-login.php" *-access_log |awk '$1!~/^my.ip.addr$/{print $1}' |sort|uniq -c|sort -nr |head -50> wp-abusers.txt
# WP abuse
grep -L pattern *
# List the filenames that don not contain the pattern specified.
grep -v -e garbage -e unimportant -e donotcare
# Use this pipeline pattern of -v -e term1 -e term2 to skip lines in output.
grep ^From procmail.log | cut -d' ' -f3- | date -f - +%Y-%m-%d | uniq -c
# Show stats on messages per day in procmail log.
grep -rL '<?php' www
# List the files below the www directory that don not (-L) have PHP code in them.
grep -r eval.*base64 source_code_tree
# Detect 90% of pwn'd PHP code or thereabouts.
grep | awk | sed | grep | grep -v | while read data ; do something to data ; done | tee output
# Generic pipeline template. Just add args.
grep -E -v -f expressions.conf file.txt
# Print lines not matching (-v) any extended regular expressions (-E) in expressions.conf (-f)
grep -P -o "(?<=sent=)[0-9]+" mail.log | awk '{sum+=$1} END {print sum}'
# Produce sum of sent bytes in the mail.log. Uses PCRE.
grep ^lease /var/lib/dhcp/dhcpd.leases | cut -d ' ' -f 2 | sort -t . -k 1,1n -k 2,2n -k 3,3n -k 4,4n | uniq
# sorted list of dhcp allocations
grep -Hrn "text" .
# Search some text from all files inside a directory
grep -o '<[^@]\+@[^>]\+>'|wc -l
# In mutt, pipe msg to this to count - of addresses that where in the To line of that email.
grep -P -o "(?<=sent=)[0-9]+" mail.log | awk '{sum+=$1} END {print sum}'
# Produce sum of sent bytes in the mail.log. Uses PCRE.
grep -P -o '(?<=href=")http:\S+(?=")' *.html
# Use perl regex (negative look-behind/look-ahead assertions) to get URLs.
grep -h "POST /.*wp-login.php" *-access_log |awk '$1!~/^my.ip.addr$/{print $1}' |sort|uniq -c|sort -nr |head -50> wp-abusers.txt
# WP abuse
grep -L pattern *
# List the filenames that don not contain the pattern specified.
grep -r eval.*base64 source_code_tree
# Detect 90% of pwn'd PHP code or thereabouts.
grep -E -v -f expressions.conf file.txt
# Print lines not matching (-v) any extended regular expressions (-E) in expressions.conf (-f)
grep for 'alpha', but only in files that also contain 'beta':
grep -n alpha $(grep -Irl beta *)
grep -Ev "((accept|drop|reject)log|ftpd)" /var/log/messages | less
# Yes! You can do nested grouping in extended regexes.
grep -io "cyber" | wc -l
# How many times did they say cyber? Just select all in your browser copy and paste into this command to find out.
grep 1.2.3.4 /var/log/httpd/access_log{.2,.1,}
# Where log directory is not world readable, brace expansion helps when a wildcard can't
| grep -v -e garbage -e unimportant -e donotcare
# Use this pipeline pattern of -v -e term1 -e term2 to skip lines in output.
grep ^From procmail.log | cut -d' ' -f3- | date -f - +%Y-%m-%d | uniq -c
# Show stats on messages per day in procmail log.
grep -lr "^Subject: test " Maildir/{cur,new} |xargs rm -v 2>&1 |tee delete.log
# BTW, if I ran the mail server this was on, I would run this.
grep -rL '<?php' www
# List the files below the www directory that don not (-L) have PHP code in them.
grep -e Document -e person@domain multilinelist.txt |grep -B1 person@domain
# Show just the Documents followed by person@domain
grep | awk | sed | grep | grep -v | while read data ; do something to data ; done | tee output
#Generic pipeline template. Just add args.
grep -L '<?php' *.php
# List files in current directory with a .php extension that DO NOT contain a PHP open code block tag.
grep '^[a-fois]\{6\}$' /usr/share/dict/words|sed 'h;y/ois/015/;x;G;s/\n/->#/'
# Which words can double as CSS color values? Thx
grep -R "Stuff" .
# Find all files in a subdirectory containing "Stuff"
grep -R --include "*.asp" "Stuff" .
# Find all .asp files in a directory tree containing "Stuff"
grep '"b"' * | cut -d":" -f1
# List of all filenames matching a pattern
# grep one-liners
#######################
#>> Basics
#grep case insensitive
grep -i "<this>" <file>
grep recursively
grep -ir "<this>" <directory>
grep with word match only (string starting/ending with non-word constituent character)
grep -wi "<this>" <file>
# remove/delete filename from grep output
grep -hi "<this>" <file>
#>> Logical operators
# grep for this OR this
grep -i "<this>\|<ORthis>" <file>
grep for this AND this
grep -i "<this>" | grep -i "<ANDthis>" <file>
grep NOT for this
grep -iv "<NOTthis>" <file>
grep for this AND NOT this
grep -i "<this>" | grep -iv "<ANDNOTthis>" <file>
#>> Misc
# count the number of lines
grep -ic "<this>" <file>
grep through compressed files
#>> Selective Printing
# print the X lines before each matching lines
grep -i "<this>" -B <X> <file>
print the Y lines after each matching lines
grep -i "<this>" -A <Y> <file>
print the X,Y lines before and after each matching lines
grep -i "<this>" -B <X> -A <Y> <file>
for file in $(grep '"b"' * | cut -d":" -f1 ); do ls -l $file; done
# Grep one liners - Long list of all the files matching a pattern
for file in *.cmd; do echo; echo $file; diff $file ${file}~ 2>&1; done > diffs.txt
# Grep one liners - Compare files with one extension with VI modified versions, redirecting diff error if ~ file not found
# grep less usw. auf bz komprimierte dateien
bzgrep
bzless
grep -B3 "foo" multilinedata.txt |egrep "^Id:" |while read x x id; do echo "https://hostname/${id}"; done
# Make URLs from data before foo
grep -e foo -e bar -e baz file
# You can use -e multiple times for multiple expressions. Nice when you have multiple complex items.
grep -h --no-group-separator 404 *.log
# GNU grep has not well documented options --no-group-separator and --group-seprator="▬▬▬▬▬▬"
# Linux will print 6 lines around matching line of word "successful" in logfile.txt
grep --context=6 successful logfile.txt
#same:
# Prints six lines of context around each matching line.
grep -C 6 'hello' *
# you can use "|" option to search for either Error or Exception by executing just one command.
egrep 'Error|Exception' logfile.txt
# Above grep command in UNIX searches only for instances of 'ERROR' that are entire words; it does not match `SysERROR'.
grep -w ERROR logfile.txt
# Searches only for words ending in 'ERROR', so it matches the word `SysERROR'. For more control, use `\<' and `\>' to match the start and end of words.
grep 'ERROR>' *
# list the names of all Log files in the current directory whose contents mention 'ERROR'.
grep -l ERROR *.log
# Follow up: I then used the list of instructor names as input to generate an email list.
grep -f- emails.csv | awk -F, '{print "$3,"}'
# 39 character infinite ASCII maze generator.
grep -ao "[/\\]" /dev/urandom|tr -d \\n
grep -o -P "(?<=----).+(?=#)" queuefile
# Use PCRE(-P) look-around assertions to give only(-o) the part between ---- and #.
grep " [YM]0*10*10*$" names.txt
Name1 Y011000000
Name2 Y100010000
Name3 M000001110
Name4 Y111110101
Name5 Y001010000
# Given rows like this that indicate people who want(Y) or maybe want(M) training and a 0 or 1 for each topic. Show only users who selected ONLY two trainings.
grep '\-->method' *.pl
# When you are grepping for patterns that start with a '-' it may complain about options, You can fix this by escaping the first '-' or using -- to finish the options list.
grep -vxFf ItemsListtoAvoid.txt AllItemsList.txt > ItemsDifference.txt
# Generate a list of items from a couple of items lists A and B, getting (B - A ) set
# ItemsListtoAvoid (A) could be a list of files with a special characteristic to exclude. It can be a result of previous processing list, ex. a list of files containing a special string. AlItemsList.txt (B) Is a complete list of items including some or all items in A. Difference is saved in ItemsDifference.txt
grep = "Global Regular Expression Print"
grep comes from the ed command to print all lines matching a
certain pattern
g/re/p
where "re" is a "regular expression".
# sh: recursive find and replace -> find "X_ABC_IPv4Address" into every *.xml file located under /tmp/test, and replace it with X_ABC_ACLRule.
# 2>/dev/null avoid error prints when for istance, a symbolink link is found under a subdir
grep -lr X_ABC_IPv4Address /tmp/test --include *.xml 2>/dev/null | xargs sed -i "s|X_ABC_IPv4Address|X_ABC_ACLRule|g"
# Textfiles formatieren - Gelegentlich muss ich Textdateien anders formatieren, Leerzeilen entfernen, den Umbruch verschieben...
# Grep entfernt alle Leerzeilen, paste fügt alles zu einer langen Textwurst zusammen, getrennt durch ein Leerzeichen und fold bricht dann beim letzten Wortende vor Spalte 70 um.
grep -v '^$' loreipsum.txt | paste -s -d ' ' | fold -s -w 70
grep status=sent /var/log/maillog | cut -c1-7 | uniq -c
# Show a count of the number of sent messages by day through your mail server.
grep "POST /.*wp-login.php" logs/*-access_log | awk '{print $1}' |sort|uniq -c|sort -nr | head -50> wp-login-top-10-abusers.txt
# Find top wordpress login abusers
grep -r eval.*base64 source_code_tree
# Detect 90% of pwn'd PHP code or thereabouts.
# Show OS release incl version.
grep -m1 -h [0-9] /etc/{*elease,issue} 2>/dev/null | head -1
# Sample outpt:
# Gentoo Base System release 2.6
# highlight with grep and still output file contents
grep --color -E 'pattern|' file
# View a file with line numbers
grep -n ^ /path/to/file | less
# Explanation:
# grep ^ will match all lines in a file
# grep -n will prefix each line of output with the line number within its input file
# Limitations: In some systems you might have to use egrep instead of grep.
## Alternative one-liners:
# View a file with line numbers
cat -n /path/to/file | less
# Explanation: cat -n will number all lines of a file.
# Limitations: It will add some white spaces as padding.
# Show files containing "foo" and "bar" and "baz"
grep -l 'baz' $(grep -l 'bar' $(grep -lr 'foo' *) )
# Explanation: Most people familiar with extended regular expressions know you can use the pipe symbol | to represent "or", so to see files containing any of "foo", "bar", or "baz" you could run:
grep -Elr 'foo|bar|baz' *
# There is no corresponding symbol representing "and", but you can achieve the same effect by nesting invocations to grep. grep -lr 'foo' * returns a list of filenames in or below the current directory containing "foo". Via the $( ... ) syntax, this list is then operated on by grep -l 'bar', returning a list of filenames containing both 'foo' and 'bar', which finally is operated on by grep -l "baz". The end result is a list of filenames containing all three terms.
# Limitations: This one-liner results in scanning files multiple times. You will want to put the term you expect to match the fewest number of times farthest to the right (that is, in the same position as "foo") and the one you expect to match most frequently farthest to the left (the same position as "baz"). This way, you will weed out the largest number of files sooner, making the one-liner complete more quickly.
# Find in files, recursively
grep -rn 'nameserver' /etc 2>/dev/null
# Explanation:
# -r make a search recursively;
# -n print line numbers;
# -H is not need, is default;
# Limitations: -i use for case insensitive search;
## Related one-liners
# Find in files, recursively
find /etc -type f -print0 2>/dev/null | xargs -0 grep --color=AUTO -Hn 'nameserver' 2>/dev/null
# Explanation: In the example above, find and display every file in /etc containing the string nameserver with the corresponding line, including line number, sample output:
# /etc/ppp/ip-up.d/0dns-up:9:# Rev. Dec 22 1999 to put dynamic nameservers last.
# /etc/ppp/ip-up.d/0dns-up:23:# nameservers given by the administrator. Those for which 'Dynamic' was chosen
# /etc/ppp/ip-up.d/0dns-up:24:# are empty. 0dns-up fills in the nameservers when pppd gets them from the
# /etc/ppp/ip-up.d/0dns-up:26:# 'search' or 'domain' directives or additional nameservers. Read the
# /etc/ppp/ip-up.d/0dns-up:77:# nameserver lines to the temp file.
# Print the lines of file2 that are missing in file1
grep -vxFf file1 file2
# Explanation:
# -f is to specify a file with the list of patterns: file1
# -F is to treat the patterns fixed strings, without using regular expressions
# -x is to match exactly the whole line
# -v is to select non-matching lines
# The result is effectively the same as:
diff file1 file2 | grep '^>' | sed -e s/..//
# Limitations: The flags of grep might work differently depending on the system. So yeah you might prefer the second way which should work everywhere. Nonetheless the various of flags of grep are interesting.
# Ban all IPs that attempted to access phpmyadmin on your site
grep "phpmyadmin" $path_to_access.log | grep -Po "^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}" | sort | uniq | xargs -I% sudo iptables -A INPUT -s % -j DROP
# Explanation: Cheap security Bash one-liner to ban all IPs that are probably doing automated attacks. Make sure your IP isn't listed before piping through iptables drop!! This will first find all lines in $path_to_access.log that have phpmyadmin in them, Then grep out the ip address from the start of the line, Then sort and unique them, Then add a rule to drop them in iptables. Again, just edit in echo % at the end instead of the iptables command to make sure your IP isn't in there. do not inadvertently ban your access to the server!
# Limitations: You may need to change the grep part of the command if you are on mac or any system that does not have grep -P.
# Open Windows internet shortcut (*.url) files in firefox
firefox $(grep -i ^url='*' file.url | cut -b 5-)
# Explanation: Extract urls from a *.url file and open in Firefox. (Note that *.url files in Windows are basically just text files, so they can be parsed with a few commands.)
# grep extracts lines starting with url=
# The -i flag is to ignore case
# cut extracts the range of characters from the 5th until the end of lines
# The output of $(...) will be used as command line parameters for Firefox
# Limitations:
# This only works with URLs that do not contain special characters that would be interpreted by the shell, such as spaces and others.
## Alternative one-liners:
# Open Windows internet shortcut (*.url) files in firefox
grep -i url='*' file.url | cut -b 5- | xargs firefox
# Explanation: Extract urls from a *.url file and open in Firefox. (Note that *.url files in Windows are basically just text files, so they can be parsed with a few commands.)
# grep extracts lines starting with url=
# The -i flag is to ignore case
# cut extracts the range of characters from the 5th until the end of lines
# xargs calls Firefox with arguments taken from the output of the pipeline
# Find and replace string inside specific files
grep -ril '$SEARCH_PATTERN' src | sed -i 's/$FIND_PATTERN/$REPLACE_PATTERN/g'
# Explanation: This command search for files that contain and an specific string and then find a pattern on those files and replace it
grep -C3 searchpattern file
# Search for searchpattern in file and provide 3 lines above and 3 lines below of context in the output. C = Context. You can also use -N where N is a number, so -3 would do the same thing. Also -A3 = 3 lines (A)fter, -B3 = 3 lines (B)efore
# Grepping for MAC addresses:
grep -E -o '[[:xdigit:]]{2}(:[[:xdigit:]]{2}){5}' filename
ping
# BTW, a safer way than just pasting directly into it through your terminal is to select/copy the text, then use xsel (X Windows) or pbpaste (Mac) to send the selection buffer straight to stdout and then you can pipe it into the other program. This avoids some terminal vuln issues.
# But hey, I could just invite in all the people who the document is shared with to count the words for me and post the answer as comments in the document.
grep -v $'[^\t\r -~]' my-file-with-non-ascii-characters
# get rid of lines with non ascii characters found here: https://stackoverflow.com/a/9035939 LC_ALL=C
grep -vE '^\s*(#|$)' textfile
# remove comments (even those starting with spaces), empty lines (even those containing spaces) in one grep command useful for discarding even those comments which start with blanks or those empty lines which contain blanks Show Sample Output:
# 5.0
# Find and replace string inside specific files
grep -ril '$SEARCH_PATTERN' src | sed -i 's/$FIND_PATTERN/$REPLACE_PATTERN/g'
# Grepe bestimmte Ports
grep 46[61-72] /proc/net/ip_conntrack | wc -l
# Gen a list of the top countries failing to auth on IMAP accounts, save to file
grep "imapd.*LOGIN FAILED, method=" /var/log/maillog | egrep -o "[0-9\.]{7,15}" | awk '{print $NF}' | xargs -n1 geoiplookup | sort | uniq -c | sort -rn | head | tee top-countries-imap-auth-failed.txt
# An old bad habit of mine is to search a directory at a time instead of just putting multiple directories in the same command. But grep can do that, it has the technology.
grep -r waldo /tmp ~/Documents ~/.config /etc
# Same for SMTP spammers on exim4
grep "LOGIN authentication mechanism not supported" /var/log/exim4/mainlog | egrep -o "[0-9\.]{7,15}" | awk '{print $NF}' | xargs -n1 geoiplookup | sort | uniq -c | sort -rn | head
# delete at start of each line until character
# GNU grep's PCRE(Perl-compatible regular expressions).
grep -Po '^(.*?:\K)?.*'
# delete at start of each line until character - GNU grep's PCRE(Perl-compatible regular expressions).
grep -Po '^(.*?:\K)?.*'
# Extract queries from mysql general log - queries related to table 'Invoice_template'
grep -Eo '( *[^ ]* *){4}Invoice_Template( *[^ ]* *){4}' /mysql-bin-log/mysql-gen.log | head -10000 | sort -u
#==============================##==============================#
# CMD GREP #
#==============================##==============================#
Cheatsheets are an excellent complement to other information sources like Linux man-pages, Linux help, or How-To’s and tutorials, as they provide compact and easily accessible information. While man-pages and detailed tutorials often contain comprehensive explanations and extensive guides, cheatsheets summarize the most important options forthe command grep in a clear format. This allows users to quickly access the needed information for grep without having to sift through lengthy texts. Especially in stressful situations or for recurring tasks, cheatsheets for grep are a valuable resource to work efficiently and purposefully.
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
█║▌│║█║▌★ KALI ★ PARROT ★ DEBIAN 🔴 PENTESTING ★ HACKING ★ █║▌│║█║▌
██╗ ██╗ ██████╗ ██████╗ ██╗ ██╗███████╗██████╗
████████╗██╔══██╗██╔═══██╗╚██╗██╔╝██╔════╝██╔══██╗
╚██╔═██╔╝██║ ██║██║ ██║ ╚███╔╝ █████╗ ██║ ██║
████████╗██║ ██║██║ ██║ ██╔██╗ ██╔══╝ ██║ ██║
╚██╔═██╔╝██████╔╝╚██████╔╝██╔╝ ██╗███████╗██████╔╝
╚═╝ ╚═╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═╝╚══════╝╚═════╝
█║▌│║█║▌ WITH COMMANDLINE-KUNGFU POWER █║▌│║█║▌
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.