grep命令

1.官方簡介

grep是linux的經常使用命令，用於對文件和文本執行重複搜索任務的Unix工具，能夠經過grep命令指定特定搜索條件來搜索文件及其內容以獲取有用的信息。

Usage: grep [OPTION]... PATTERN [FILE]...
Search for PATTERN in each FILE or standard input.
PATTERN is, by default, a basic regular expression (BRE).
Example: grep -i 'hello world' menu.h main.c

Regexp selection and interpretation:
  -E, --extended-regexp     PATTERN is an extended regular expression (ERE)
  -F, --fixed-strings       PATTERN is a set of newline-separated fixed strings
  -G, --basic-regexp        PATTERN is a basic regular expression (BRE)
  -P, --perl-regexp         PATTERN is a Perl regular expression
  -e, --regexp=PATTERN      use PATTERN for matching
  -f, --file=FILE           obtain PATTERN from FILE
  -i, --ignore-case         ignore case distinctions
  -w, --word-regexp         force PATTERN to match only whole words
  -x, --line-regexp         force PATTERN to match only whole lines
  -z, --null-data           a data line ends in 0 byte, not newline

Miscellaneous:
  -s, --no-messages         suppress error messages
  -v, --invert-match        select non-matching lines
  -V, --version             display version information and exit
      --help                display this help text and exit

Output control:
  -m, --max-count=NUM       stop after NUM matches
  -b, --byte-offset         print the byte offset with output lines
  -n, --line-number         print line number with output lines
      --line-buffered       flush output on every line
  -H, --with-filename       print the file name for each match
  -h, --no-filename         suppress the file name prefix on output
      --label=LABEL         use LABEL as the standard input file name prefix
  -o, --only-matching       show only the part of a line matching PATTERN
  -q, --quiet, --silent     suppress all normal output
      --binary-files=TYPE   assume that binary files are TYPE;
                            TYPE is 'binary', 'text', or 'without-match'
  -a, --text                equivalent to --binary-files=text
  -I                        equivalent to --binary-files=without-match
  -d, --directories=ACTION  how to handle directories;
                            ACTION is 'read', 'recurse', or 'skip'
  -D, --devices=ACTION      how to handle devices, FIFOs and sockets;
                            ACTION is 'read' or 'skip'
  -r, --recursive           like --directories=recurse
  -R, --dereference-recursive
                            likewise, but follow all symlinks
      --include=FILE_PATTERN
                            search only files that match FILE_PATTERN
      --exclude=FILE_PATTERN
                            skip files and directories matching FILE_PATTERN
      --exclude-from=FILE   skip files matching any file pattern from FILE
      --exclude-dir=PATTERN directories that match PATTERN will be skipped.
  -L, --files-without-match print only names of FILEs containing no match
  -l, --files-with-matches  print only names of FILEs containing matches
  -c, --count               print only a count of matching lines per FILE
  -T, --initial-tab         make tabs line up (if needed)
  -Z, --null                print 0 byte after FILE name

Context control:
  -B, --before-context=NUM  print NUM lines of leading context
  -A, --after-context=NUM   print NUM lines of trailing context
  -C, --context=NUM         print NUM lines of output context
  -NUM                      same as --context=NUM
      --group-separator=SEP use SEP as a group separator
      --no-group-separator  use empty string as a group separator
      --color[=WHEN],
      --colour[=WHEN]       use markers to highlight the matching strings;
                            WHEN is 'always', 'never', or 'auto'
  -U, --binary              do not strip CR characters at EOL (MSDOS/Windows)
  -u, --unix-byte-offsets   report offsets as if CRs were not there
                            (MSDOS/Windows)

'egrep' means 'grep -E'.  'fgrep' means 'grep -F'.
Direct invocation as either 'egrep' or 'fgrep' is deprecated.
When FILE is -, read standard input.  With no FILE, read . if a command-line
-r is given, - otherwise.  If fewer than two FILEs are given, assume -h.
Exit status is 0 if any line is selected, 1 otherwise;
if any error occurs and -q is not given, the exit status is 2.

Report bugs to: bug-grep@gnu.org
GNU Grep home page: <http://www.gnu.org/software/grep/>
General help using GNU software: <http://www.gnu.org/gethelp/>

我平時也是簡單的查看一個用戶數據，用於簡單的數據校對，最近忽然接到分析後臺日誌的需求，才發現grep用處仍是很多的。

好比咱們後臺日誌至關大，要是直接從服務器直接拉取，耗時長佔用帶寬，因此方案就是直接使用 grep關鍵字重定向到新的文件中，從14G直接到12M,而後再數據清洗和分析。

2.實戰介紹

2.1使用grep命令對多文件中多種文本查詢

note :使用egrep命令，可以使用擴展的正則表達式

1.多文件

• grep 'pattern' file1 file2

2.多文本 ， 關係是OR 

• egrep 'pattern1|pattern2' *.py
• grep -e pattern1 -e pattern2 *.py
• grep -E 'pattern1|pattern2' *.doc

例以下面對 對文件中 存在關鍵字 wordA or wordB進行提取:

grep 'wordA\|wordB' *.py
grep -E 'wordA|wordB' *.doc
grep -e wordA -e wordB *.py
egrep "wordA|wordB" *.c

 

3.多文本關係是 AND 

這裏我並無看到 直接能用的【option】,只能加一層管道符|。

例如：

grep -e pattern1 *.py |grep -e pattern2 

 

2.2徹底匹配關鍵詞 -w

grep -w 'warning\|error\|critical' /home/logs

 

2.3使用-i參數忽略大小寫，–color高亮顯示匹配結果

egrep -wi --color 'warning|error|critical' /home/logs

 

2.4遞歸查找

egrep -Rwi --color 'warning|error' /home/logs/