Parsing logs with grep

From Newroco Tech Docs
Revision as of 11:27, 18 October 2017 by Chris.puttick (talk | contribs)

When tracing faults, going through log files with the aid of grep is an incredibly powerful way to isolate the informative entries from the noise. You can chain grep commands with |, feeding the output of one into the next, so you can gradually remove entries from your output that aren't related to the issue you are trying to understand.

The basic use of grep is

grep pattern filetolookin

where filetolookin can include wildcards; you can also pipe the output of another command to grep, e.g.

tail -f mylogfile|grep pattern

and the output from grep can be passed to grep to refine your output

grep pattern filetolookin|grep pattern2|grep pattern3

If you are looking for a pattern and you're not sure what case it might use

grep -i pattern filetolookin

will match pattern, Pattern, PATTERN and any other mix of upper and lower case. If you want to find instances of one pattern or another you can use

grep 'pattern1\|pattern2' filetolookin

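or, with extended regular expressions (the portable form, since \| in a basic pattern is a GNU extension)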

grep -E 'pattern1|pattern2' filetolookin

(note the quote marks around the pattern, which keep the shell from interpreting the | and \ characters itself). If you want to return results that don't contain a pattern

grep -v pattern filetolookin

will return anything that doesn't contain pattern.
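
The same narrowing applied to an authentication log, as an added example that is not part of the original page; the log lines are constructed and the function names are hypothetical. It also uses -F (fixed string) and -w (whole word), standard grep options not covered above, so that the dots in an IP address are not regex wildcards and 192.0.2.10 does not also match 192.0.2.100.

```shell
#!/bin/sh
# Constructed sshd-style sample lines (documentation IP ranges, not real data).
make_sample_log() {
  cat <<'EOF'
Oct 18 11:02:01 web1 sshd[1201]: Accepted publickey for deploy from 192.0.2.10 port 50122 ssh2
Oct 18 11:02:07 web1 sshd[1207]: Failed password for root from 203.0.113.5 port 40022 ssh2
Oct 18 11:02:09 web1 sshd[1209]: FAILED password for invalid user admin from 203.0.113.5 port 40030 ssh2
Oct 18 11:02:15 web1 backup[1300]: nightly job failed: disk full
Oct 18 11:02:20 web1 sshd[1215]: Invalid user test from 198.51.100.7 port 51000
Oct 18 11:02:31 web1 sshd[1220]: Failed password for monitor from 192.0.2.10 port 50200 ssh2
Oct 18 11:02:44 web1 sshd[1231]: Failed password for root from 192.0.2.100 port 41000 ssh2
EOF
}

# triage_auth_failures LOGFILE KNOWN_HOST
# Stage 1: keep only sshd entries (-F: the "[" is literal, not a regex bracket).
# Stage 2: keep failures in any letter case, using -E alternation.
# Stage 3: drop the known monitoring host; -w stops 192.0.2.10 from
#          also excluding 192.0.2.100.
triage_auth_failures() {
  grep -F 'sshd[' "$1" \
    | grep -iE 'failed|invalid' \
    | grep -vFw "$2"
}

# Stand-alone run: print the entries left after all three stages.
log=$(mktemp)
make_sample_log > "$log"
triage_auth_failures "$log" 192.0.2.10
rm -f "$log"
```

Four lines survive: the two failures from 203.0.113.5, the invalid user from 198.51.100.7, and the failure from 192.0.2.100.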