The grep command is one of the handiest Linux commands you will use. The grep utitility was originally writing for UNIX and stands for Global Regular Expression Print. What grep does is search for strings in practically anything you need to search. You can search nearly any type of file, output, logs...you name it, grep can search it.
But because grep is so handy, it's hard to know where to start. Of course you can use grep in the standard way, but when you can do so much with a command, why not learn some cool tricks. And that's what we'll do here - learn how to use grep to really make it useful.
Before we get into some fun stuff, we should look at the basic command structure. To use grep in its most basic form you follow this structure:
grep STRING FILE
Where STRING is the string of characters you want to search for and FILE is the file you want to search.
Say, for instance, I want to search the file test.txt for the string "Linux" (no quotes). I can do this with the command:
grep Linux test.txt
What grep will do is print out (at the prompt) every line in the file that contains the word Linux. But what if you are searching a large configuration file and you need to find the location of a specific option. To do this you can add the "n" switch which will print out the line numbers associated with each line. Let's look at a different example. Say you need to find out what port Dansguardian listens to. Instead of scrolling through every line of the /etc/dansguardian/dansguardian.conf file for the string "port" (no quotes), you could issue the command:
grep -n port /etc/dansguardian/dansguardian.conf
which would report back something like:
6:# Web Access Denied Reporting (does not affect logging)
10:# 1 = report why but not what denied phrase
11:# 2 = report fully
14:reportinglevel = 3
17:# The HTML template within this dir is only used when reportinglevel
87:# the port that DansGuardian listens to.
88:filterport = 8080
93:# the port DansGuardian connects to proxy on
94:proxyport = 3128
97:# dansguardian reporting script was copied. Only used in reporting levels 1 and 2.
153:# the naughtyness limit will be log
So you can see that line 88 is the filter port and 94 is the proxy port. Easy. Now let's see what else grep can do.
Lines before and after
What if you not only want to see the single line associated with a string, but also a certain amount of lines above and below that line. You can do this using the -A and -B switches like so (we'll stick with our dansguardian example):
grep -B1 -A2 -n port dansguardian.conf
The above command would print out not only each line containing the string "port" (no quotes) but also the 1 line above it and the next two lines below it.
Pipe other commands
You remember the dmesg command. This command prints out the kernel buffer - it's where you learn a lot about your machine. What if you want to check out CPU information in the dmesg output. You can issue the command dmesg | less and scroll around until you find it, or you can issue the command:
dmesg | grep -n CPU
which will print out all the dmesg output that contains the string CPU and the lines numbers associated with each line.
You can also have grep help you in your search of directories. To do this you would use it in conjunction with, say, the find command. Say you were looking for the configuration file for the nano text editor but you had no idea what it was called or where it was located. You could pipe the output of the find command to grep (as the root or sudo user) like so:
find / | grep nano | less
and you would see among the output:
Bingo! There's your configuration file.
As you can see there are a number of ways that the grep command can be of assistance. And this is only scratching the surface. Do you have a nifty way to use grep? If so, share it with your fellow ghacks members.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.