站长资源服务器

Linux常用命令之grep命令用法详解

整理:jimmy2024/12/25浏览2
简介1.官方简介grep是linux的常用命令,用于对文件和文本执行重复搜索任务的Unix工具,可以通过grep命令指定特定搜索条件来搜索文件及其内容以获取有用的信息。Usage: grep [OPTION]... PATTERN [FILE]...Search for PATTERN in eac

1.官方简介

grep是linux的常用命令,用于对文件和文本执行重复搜索任务的Unix工具,可以通过grep命令指定特定搜索条件来搜索文件及其内容以获取有用的信息。

Usage: grep [OPTION]... PATTERN [FILE]...
Search for PATTERN in each FILE or standard input.
PATTERN is, by default, a basic regular expression (BRE).
Example: grep -i 'hello world' menu.h main.c

Regexp selection and interpretation:
 -E, --extended-regexp  PATTERN is an extended regular expression (ERE)
 -F, --fixed-strings  PATTERN is a set of newline-separated fixed strings
 -G, --basic-regexp  PATTERN is a basic regular expression (BRE)
 -P, --perl-regexp   PATTERN is a Perl regular expression
 -e, --regexp=PATTERN  use PATTERN for matching
 -f, --file=FILE   obtain PATTERN from FILE
 -i, --ignore-case   ignore case distinctions
 -w, --word-regexp   force PATTERN to match only whole words
 -x, --line-regexp   force PATTERN to match only whole lines
 -z, --null-data   a data line ends in 0 byte, not newline

Miscellaneous:
 -s, --no-messages   suppress error messages
 -v, --invert-match  select non-matching lines
 -V, --version    display version information and exit
  --help    display this help text and exit

Output control:
 -m, --max-count=NUM  stop after NUM matches
 -b, --byte-offset   print the byte offset with output lines
 -n, --line-number   print line number with output lines
  --line-buffered  flush output on every line
 -H, --with-filename  print the file name for each match
 -h, --no-filename   suppress the file name prefix on output
  --label=LABEL   use LABEL as the standard input file name prefix
 -o, --only-matching  show only the part of a line matching PATTERN
 -q, --quiet, --silent  suppress all normal output
  --binary-files=TYPE assume that binary files are TYPE;
       TYPE is 'binary', 'text', or 'without-match'
 -a, --text    equivalent to --binary-files=text
 -I      equivalent to --binary-files=without-match
 -d, --directories=ACTION how to handle directories;
       ACTION is 'read', 'recurse', or 'skip'
 -D, --devices=ACTION  how to handle devices, FIFOs and sockets;
       ACTION is 'read' or 'skip'
 -r, --recursive   like --directories=recurse
 -R, --dereference-recursive
       likewise, but follow all symlinks
  --include=FILE_PATTERN
       search only files that match FILE_PATTERN
  --exclude=FILE_PATTERN
       skip files and directories matching FILE_PATTERN
  --exclude-from=FILE skip files matching any file pattern from FILE
  --exclude-dir=PATTERN directories that match PATTERN will be skipped.
 -L, --files-without-match print only names of FILEs containing no match
 -l, --files-with-matches print only names of FILEs containing matches
 -c, --count    print only a count of matching lines per FILE
 -T, --initial-tab   make tabs line up (if needed)
 -Z, --null    print 0 byte after FILE name

Context control:
 -B, --before-context=NUM print NUM lines of leading context
 -A, --after-context=NUM print NUM lines of trailing context
 -C, --context=NUM   print NUM lines of output context
 -NUM      same as --context=NUM
  --group-separator=SEP use SEP as a group separator
  --no-group-separator use empty string as a group separator
  --color[=WHEN],
  --colour[=WHEN]  use markers to highlight the matching strings;
       WHEN is 'always', 'never', or 'auto'
 -U, --binary    do not strip CR characters at EOL (MSDOS/Windows)
 -u, --unix-byte-offsets report offsets as if CRs were not there
       (MSDOS/Windows)

'egrep' means 'grep -E'. 'fgrep' means 'grep -F'.
Direct invocation as either 'egrep' or 'fgrep' is deprecated.
When FILE is -, read standard input. With no FILE, read . if a command-line
-r is given, - otherwise. If fewer than two FILEs are given, assume -h.
Exit status is 0 if any line is selected, 1 otherwise;
if any error occurs and -q is not given, the exit status is 2.

Report bugs to: bug-grep@gnu.org
GNU Grep home page: <http://www.gnu.org/software/grep/>
General help using GNU software: http://www.gnu.org/gethelp/

我平时也是简单的查看一个用户数据,用于简单的数据校对,最近突然接到分析后台日志的需求,才发现grep用处还是不少的。

比如我们后台日志相当大,要是直接从服务器直接拉取,耗时长占用带宽,所以方案就是直接使用 grep关键字重定向到新的文件中,从14G直接到12M,然后再数据清洗和分析。

2.实战介绍

2.1使用grep命令对多文件中多种文本查询

note :使用egrep命令,可使用扩展的正则表达式

1.多文件

  • grep 'pattern' file1 file2

2.多文本 , 关系是OR

  • egrep 'pattern1|pattern2' *.py
  • grep -e pattern1 -e pattern2 *.py
  • grep -E 'pattern1|pattern2' *.doc

例如下面对 对文件中 存在关键字 wordA or wordB进行提取:

grep 'wordA\|wordB' *.py
grep -E 'wordA|wordB' *.doc
grep -e wordA -e wordB *.py
egrep "wordA|wordB" *.c

3.多文本关系是 AND

这里我并没有看到 直接能用的【option】,只能加一层管道符|。

例如:

grep -e pattern1 *.py |grep -e pattern2

2.2完全匹配关键词 -w

grep -w 'warning\|error\|critical' /home/logs

2.3使用-i参数忽略大小写,–color高亮显示匹配结果

egrep -wi --color 'warning|error|critical' /home/logs

2.4递归查找

egrep -Rwi --color 'warning|error' /home/logs/