1.四劍客-grep

案例01 過濾出 /etc/passwd中包含 oldboy或root的行

[root@m01 ~]# egrep 'oldboy|root' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
oldboy:x:1000:1000:zhuzhu[oldboy(oldboy)]:/home/oldboy:/bin/bash

案例02 過濾顯示行號

[root@m01 ~]# egrep -n 'oldboy|root' /etc/passwd
1:root:x:0:0:root:/root:/bin/bash
10:operator:x:11:0:operator:/root:/sbin/nologin
21:oldboy:x:1000:1000:zhuzhu[oldboy(oldboy)]:/home/oldboy:/bin/bash

案例03 排除/etc/ssh/sshd_config中的空行或#行

egrep -v '^$|#' /etc/ssh/sshd_config

案例04 匹配出文件中所有的單詞

egrep '[a-z]+' /etc/passwd
egrep -o  '[a-z]+' /etc/passwd

案例05 精確的匹配 oldboy 不匹配oldboylidao oldboy666 666oldboy

[root@m01 /server/files]# cat name.txt 
oldboy
oldboylidao
oldboy666
oldboyedu
[root@m01 /server/files]# egrep 'oldboy' name.txt 
oldboy
oldboylidao
oldboy666
oldboyedu
[root@m01 /server/files]# egrep -w 'oldboy' name.txt     ※※※※※
oldboy
[root@m01 /server/files]# egrep '\boldboy\b' name.txt 
oldboy
[root@m01 /server/files]# egrep '\<oldboy\>' name.txt 
oldboy

案例06 遞歸過濾 網(wǎng)站被入侵,找出哪個文件被插入了病毒代碼 vir.com

[root@m01 ~]# find /etc/ -type f |xargs grep -l oldboy   --color 
/etc/fstab
/etc/group
/etc/gshadow
/etc/hosts
/etc/group-
/etc/gshadow-
/etc/passwd
/etc/passwd-
/etc/shadow-
/etc/shadow
/etc/lvm/archive/centos_oldboy-muban_00000-1606901839.vg
/etc/lvm/backup/centos_oldboy-muban
/etc/default/grub
/etc/sudoers
/etc/aliases.db
/etc/openvpn/check.sh
/etc/openvpn/openvpnfile
/etc/ansible/hosts

介意

###find+grep方式 可以指定以...結(jié)尾的 更加精確      
find /etc -type f -name "*.conf" |xargs grep   'oldboy'
###grep -Rl   '內(nèi)容'   簡單匹配,無法精確以...結(jié)尾的文件  
grep -Rl  'oldboy' /etc 
#-R 遞歸
#-l 只顯示文件名

案例07 匹配內(nèi)容及上下文

egrep  -C 5  'server_name' /etc/nginx/nginx.conf.default 
-A -B

案例08 不區(qū)分大小寫過濾

[root@m01 /server/files]# egrep -i 'OLDBOY' /etc/passwd
oldboy:x:1000:1000:zhuzhu[oldboy(oldboy)]:/home/oldboy:/bin/bash

案例09 grep命令限制匹配的行數(shù)

[root@m01 /server/files]# grep 'oldboy' name.txt
oldboy oldboy
oldboylidao
oldboy666
oldboy1921

案例10 過濾的時候 不顯示文件名 只顯示文件內(nèi)容

[root@m01 /server/files]# grep 'oldboy' name.txt   oldboy.txt 
name.txt:oldboy oldboy
name.txt:oldboylidao
name.txt:oldboy666
name.txt:oldboy1921
oldboy.txt:I am oldboy teacher!
oldboy.txt:my blog is http://oldboy.blog.51cto.com 
oldboy.txt:our size is http://blog.oldboyedu.com 
[root@m01 /server/files]# grep -h 'oldboy' name.txt   oldboy.txt 
oldboy oldboy
oldboylidao
oldboy666
oldboy1921
I am oldboy teacher!
my blog is http://oldboy.blog.51cto.com 
our size is http://blog.oldboyedu.com 

案例11 統(tǒng)計次數(shù)(行數(shù))

[root@m01 /server/files]# ps -ef |grep crond  
root        982      1  0 01:41 ?        00:00:00 /usr/sbin/crond -n
root       3661   3525  0 08:56 pts/0    00:00:00 grep --color=auto crond
[root@m01 /server/files]# ps -ef |grep crond |grep -v grep 
root        982      1  0 01:41 ?        00:00:00 /usr/sbin/crond -n
[root@m01 /server/files]# ps -ef |grep crond |grep -v grep |wc -l 
1
[root@m01 /server/files]# ps -ef |grep -c [c]rond
1
[root@m01 /server/files]# ps -ef |grep -c '[c]rond'
1

案例12 使用perl正則表達式

[root@m01 /server/files]# grep -P   '\d+' oldboy.txt 
my blog is http://oldboy.blog.51cto.com 
my qq is 49000448
not 4900000448.
____aaaaolidao996
[root@m01 /server/files]# grep -Po   '\d+' oldboy.txt 
51
49000448
4900000448
996