GREP is one of the most efficient functionality provided by UNIX for search inside files. We can also use GREP to search in zipped files without extracting or output of the earlier command. Various key functionalities of GREP command is explained further.
Basic usage of grep is to provide your search string inside single (‘) or double quote (“) and then the path of file/files inside which that string needs to be searched. Following are the examples of GREP command and various input flags. The usage of GREP command is almost same across UNIX/LINUX/AIX or any other environment.
- grep error *.log
Above command will search for word “error” inside all files ending with extension log in the current directory and display respective rows containing this word. If we want to search inside all directories inside current location then we can simply give “*” instead “*.log”. This command will not consider subdirectories or zipped files.
- grep “error message“ *.log
- grep ‘error message‘ *.log
Above command will search for string “error message” inside all files with extension *.log. If we executed this command without double quotes then OS will consider messages as file and will to search inside that file if exists. It will also search inside *.log files.
- grep –i error *.log
This is the case-insensitive option. Every search inside grep is case sensitive means OS will assume error, ERROR, and Error as a separate string. With “i” flag we can tell OS to ignore case and run the basic search.
- grep ‘^error’ *.log
This option will return rows only if they are beginning with error and not inside or terminating with an error. Caret “^” used to when we need to tell OS to find string begins with specific text/pattern.
- grep ‘error$‘ *.log
Similarly, the dollar “$” option finds strings inside the files ending with given text and returns matching output.
- grep –v error *.log
Above flag will return rows which are not matching with the given input. Therefore in case of large file sets, we should carefully use this flag, otherwise, it will print everything on the screen or write to the file in the case output diverted e.g. “grep –v error *.log > /tmp/output.log ”
- grep –f input.txt *.log
We can also give multiline input or multiple parameters inside the file as a search string. Every row from the file OS will treat as the separate search string. Sometimes such input files are used to filter known error messages from the error logs. e.g. “grep error *.log | grep -f input.txt” or “grep –vf input.txt *.log | grep error”
We can also give additional “x” flag (grep –xf input.txt *.log) which will match every line with each line in the file. E.g. if one of the record from input file contains “error” then it will check for rows having only string “error”. It will not return records where rows contain string “error” with other texts such as “error message” or “file exception error”.
- grep –n error *.log
With “n” option we get row numbers of every matched record from the given files.
As explained earlier we can combine any of these flags to meet search criteria.
- grep –e “err|excepion|warn” *.log
- egrep “err|excepion|warn” *.log
With “e” options we can give multiple search strings in the same command with “|” (pipe) as the delimiter for separating input. Generally, with normal GREP these type of search is the bit expensive from the performance perspective.
- grep –F error *.log
- fgrep error *.log
Whenever we want to search for the fixed strings inside one or multiple files we should be using “F” (upper case) option as it returns output faster compare to standard grep. This also referred as fgrep.
- grep –v ‘^$‘ output.log
Above command will help to remove empty rows from the given input file.
- grep –r error /usr/input
Above flag is the recursive flag which means it will search for the given string inside given the directory and all sub-directories if exists. Sometimes it can impact performance if we have too many subdirectories with big files.
Normal grep command does not search inside zipped files. As a workaround, some people unzip such files and then try to search inside unzipped files. We can use zgrep instead to search inside zipped files as below. This command cannot search in normal files.
- zgrep error *.log.gz
With all above command, we can always use “more” command with a pipe to view pagewise data of searched output in default editor.
To summarise GREP is one of the most used commands by UNIX users and sometimes we use longer commands or big scripts due to non-awareness complete functionalities. There are more flags available with GREP but I have tried to list down some of the key flags which are mostly required.