Linux operating system based servers generally do not have a graphical interface for security reasons. In this case, it is very important to know how to use the Linux terminal. A very useful task you can do with Terminal is to search inside a text file. Especially if you are working with configuration files of services such as NTP.
What is Grep?
Grep’s emergency is the universal regular expression writer. (Global Regular Expression Printer). Grep extracts pieces from a given article within certain criteria. Simply enter a template, grep then searches for text that matches that pattern in a text of your own choice. Lists all lines that conform to the template specified. Grep can be used alone or with some commands.
How to Use Grep Command?
The syntax for the grep command you would use when searching a file would be:
grep [options] pattern [FILE]
grep – the command itself
[options] – command qualifiers
pattern – the search query to be found
[FILE] – the file you are searching for
As you can see with the grep –help command, there are many possibilities this command offers us. However, the most important and most used options are:
As you can see, there are many possibilities this command offers us. However, the most important and most used options are:
-i – will not be case sensitive. So if you want to search for the word “omer”, “OMER” will give the same result.
-c – will only show the number of lines in which the pattern searched is
-r – enables recursive search in the current directory
-n – search for rows and get rows matching your search
-v – This option displays rows that do not match the search pattern
Some Useful Grep Samples
You can see the Use of Grep Command Alone and with Some Commands below.
You can use the following command to find the specific word in a file.
Lists the lines containing the word omer in the /etc/passwd file.
grep omer /etc/passwd
If the grep command is used with the -v parameter, it will list all but the specific words. In this example, the /etc/passwd file will list the lines that do not pass omer.
grep -v omer /etc/passwd
If the grep command is used with the -c parameter, it will list how many times the word you searched is used in the file.
grep -c omer /etc/passwd
When using the grep command with the -i parameter, there will be case insensitivity.
grep -i omer /etc/passwd
When used with the grep command with the -r parameter, it will search the folder you specified and all its subfolders.
grep -r omer /etc/passwd
The grep command, when used with the -w parameter, makes the search a little deeper. Searches for lines with words ending in “omer“.
sudo grep -w 'omer\>' *
When Grep is Used with Some Commands
You can see the example below when “Grep” is Used with Some Commands.
Using with the ls command
As you know, the “ls -l” command lists the directory contents. The “grep rwxrwxrwx” part lists the directories where we are given write, read, run permissions for users, groups and others. So instead of seeing all directories, we only see directories with these permissions. (Actually we’re just doing a text search. We filter the output of “ls -l” by directing it to the grep command)
$ ls -l | grep rwxrwxrwx
Forwarding Grep’s Output
You can direct Grep’s output to other programs as follows. As you can see, we separated the “omer” ones from the outputs of the du command with the help of grep. The “more” part is for the printout to be displayed in pages if it is too long.
sudo du |grep 'omer' | more
grep ‘^%%’ parameter
The command “grep ‘^ %%’ / var / lib / ghostscript / CMap / Hankaku | more” shows the lines starting with ‘%%’ from the / var / lib / ghostscript / CMap / Hankaku file. ^ %% ’tells us that %% must be the first character of the line. In the “more” part, if the output is too long, it is to be displayed in pages.
$ grep '^%%' /var/lib/ghostscript/CMap/Hankaku | more
grep -v ‘^[0-9]’ parameter
This command lists the lines in the “/usr/share/doc/util-linux/getopt_changelog.txt” file outside the lines whose first character numbers 0-9. More is again used to divide the output into pages. Enclosing template expressions with single quotes (as in the examples above) is important for the interpreter to work correctly.
grep -v '^[0-9]' /usr/share/doc/util-linux/getopt_changelog.txt | more
Multiple Keyword Search with Grep command
Grep supports multiple queries in a single command. You can see the sample command as follows. This query works quite simply. First, ‘omer’ is searched and then a second grep command is used for the second word named ‘Removed’.
grep 'omer' /home/kali/passfile.txt | grep 'Removed' /usr/share/doc/util-linux/getopt_changelog.txt