Linux: Grep: Searching in Files

GREP is one of the most efficient functionality provided by UNIX for search inside files. We can also use GREP to search in zipped files without extracting or output of the earlier command. Various key functionalities of GREP command is explained further.

Basic usage of grep is to provide your search string inside single () or double quote () and then the path of file/files inside which that string needs to be searched. Following are the examples of GREP command and various input flags. The usage of GREP command is almost same across UNIX/LINUX/AIX or any other environment.

  • grep error *.log

Above command will search for word “error” inside all files ending with extension log in the current directory and display respective rows containing this word. If we want to search inside all directories inside current location then we can simply give “*” instead “*.log”. This command will not consider subdirectories or zipped files.

  • grep error message *.log
  • grep error message *.log

Above command will search for string “error message” inside all files with extension *.log. If we executed this command without double quotes then OS will consider messages as file and will to search inside that file if exists. It will also search inside *.log files.

  • grep –i error *.log

This is the case-insensitive option. Every search inside grep is case sensitive means OS will assume error, ERROR, and Error as a separate string. With “i” flag we can tell OS to ignore case and run the basic search.

  • grep  ‘^error’ *.log

This option will return rows only if they are beginning with error and not inside or terminating with an error. Caret “^” used to when we need to tell OS to find string begins with specific text/pattern.

  • grep ‘error$‘ *.log

Similarly, the dollar “$” option finds strings inside the files ending with given text and returns matching output.

  • grep –v error *.log

Above flag will return rows which are not matching with the given input. Therefore in case of large file sets, we should carefully use this flag, otherwise, it will print everything on the screen or write to the file in the case output diverted e.g. “grep –v error *.log > /tmp/output.log ”

  • grep –f input.txt *.log

We can also give multiline input or multiple parameters inside the file as a search string. Every row from the file OS will treat as the separate search string. Sometimes such input files are used to filter known error messages from the error logs. e.g. “grep error *.log | grep -f input.txt” or “grep –vf input.txt *.log | grep error”

We can also give additional “x” flag (grep –xf input.txt *.log) which will match every line with each line in the file. E.g. if one of the record from input file contains “error” then it will check for rows having only string “error”. It will not return records where rows contain string “error” with other texts such as “error message” or “file exception error”.

  • grep –n error *.log

With “n” option we get row numbers of every matched record from the given files.

As explained earlier we can combine any of these flags to meet search criteria.

  • grep –e “err|excepion|warn” *.log
  •  egrep “err|excepion|warn” *.log

With “e” options we can give multiple search strings in the same command with “|” (pipe) as the delimiter for separating input. Generally, with normal GREP these type of search is the bit expensive from the performance perspective.

  • grep –F error *.log
  • fgrep error *.log

Whenever we want to search for the fixed strings inside one or multiple files we should be using “F” (upper case) option as it returns output faster compare to standard grep. This also referred as fgrep.

  • grep –v^$‘ output.log

Above command will help to remove empty rows from the given input file.

  • grep –r error /usr/input

Above flag is the recursive flag which means it will search for the given string inside given the directory and all sub-directories if exists. Sometimes it can impact performance if we have too many subdirectories with big files.

Normal grep command does not search inside zipped files. As a workaround, some people unzip such files and then try to search inside unzipped files. We can use zgrep instead to search inside zipped files as below. This command cannot search in normal files.

  • zgrep  error *.log.gz

With all above command, we can always use “more” command with a pipe to view pagewise data of searched output in default editor.

To summarise GREP is one of the most used commands by UNIX users and sometimes we use longer commands or big scripts due to non-awareness complete functionalities. There are more flags available with GREP but I have tried to list down some of the key flags which are mostly required.



One thought on “Linux: Grep: Searching in Files

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s