Parsing logs with grep

From Newroco Tech Docs

When tracing faults, going through log files with the aid of grep is an incredibly powerful way to isolate the informative entries from the noise. You can chain grep commands with | (a pipe), feeding the output of one into the next, so you can gradually remove entries from your output that aren't related to the issue you are trying to understand.

The basic use of grep is

grep pattern filetolookin

where filetolookin can include wildcards; you can also pipe the output of another command to grep, e.g.

tail -f mylogfile|grep pattern

and the output from grep can be passed to grep to refine your output

grep pattern filetolookin|grep pattern2|grep pattern3

This will return lines that contain pattern and also pattern2 and also pattern3 (no matter which order they appear in the line). If you are looking for a pattern and you're not sure what case it might use

grep -i pattern filetolookin

will match pattern, Pattern, PATTERN and anything in between. If you want to find instances of one pattern or another you can use

grep 'pattern1\|pattern2' filetolookin

or

grep -E 'pattern1|pattern2' filetolookin

(noting the containing quote marks). If you want to return results that don't contain a pattern

grep -v pattern filetolookin

will return anything that doesn't contain pattern.

If you are looking for a pattern that contains spaces or special characters you can enclose the pattern in quotes

grep "a longer pattern" filetolookin
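
The options above combined on an sshd-style auth log, as an added example that is not part of the original page. The log lines, the host name and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample log lines (not from a real system); the addresses are
# documentation ranges and the host name "web1" is made up.
sample_log() {
cat <<'EOF'
Mar  3 10:01:12 web1 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Mar  3 10:01:15 web1 sshd[811]: Failed password for root from 203.0.113.7 port 50124 ssh2
Mar  3 10:02:01 web1 CRON[900]: (root) CMD (run-parts /etc/cron.hourly)
Mar  3 10:02:30 web1 sshd[815]: Accepted publickey for deploy from 198.51.100.20 port 40022 ssh2
Mar  3 10:03:02 web1 sshd[820]: Failed password for backup from 192.0.2.10 port 41000 ssh2
Mar  3 10:03:40 web1 sshd[822]: Invalid user test from 203.0.113.7 port 50130
Mar  3 10:03:41 web1 sshd[822]: pam_unix(sshd:auth): authentication failure; rhost=203.0.113.7
EOF
}

# Chained greps: sshd lines AND "failed password" in any case (-i), minus a
# host we already know about (-v). The dots are escaped because an unescaped
# "." matches any character; "from ... port" stops the address matching as
# a prefix of a longer one.
failed_logins() {
    sample_log | grep 'sshd' | grep -i 'failed password' \
               | grep -v 'from 192\.0\.2\.10 port'
}

# Either pattern (-E alternation). This is case-sensitive, so the first
# line matches through "Failed password", not through "invalid user".
suspect_events() {
    sample_log | grep -E 'Failed password|Invalid user'
}

# A pattern containing a space has to be quoted.
pam_failures() {
    sample_log | grep "authentication failure"
}

# Print each view when the script is run directly.
echo "== failed logins, known host excluded =="; failed_logins
echo "== failed password or invalid user ==";    suspect_events
echo "== PAM authentication failures ==";        pam_failures
```
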