![]() Since awk searches the file linearly, the pattern should match the lines that start from the time 17:00:00 to 18:00:00 in sequence. ![]() The ? in the regular expression matches exactly one character. Now, let’s print all the kernel logs from December 25 between 17:00:00 and 18:00:00: $ awk '/Dec 25 17:?:?/,/Dec 25 18:?:?/' log | grep kernelĭec 25 17:09:19 hey kernel: x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'ĭec 25 19:30:39 hey kernel: perf: interrupt took too long (3966 > 3952), lowering kernel.perf_event_max_sample_rate to 50400 Mind that comma that separates both the patterns. As an example, let’s find the entries of December 25 between 17:10:16 and 17:44:39 in the log file: $ pcregrep -M 'Dec 25 17:10:16.*(\n|.)*Dec 25 17:44:39' logĭec 25 17:10:16 hey NetworkManager: dhcp6 (enp5s0): request timed outĭec 25 17:10:16 hey NetworkManager: dhcp6 (enp5s0): state changed unknown -> timeoutĭec 25 17:44:39 hey NetworkManager: manager: NetworkManager state is now CONNECTED_GLOBALĪs we can see, the pattern is pretty much the same except the (\n|.)* part, which basically matches every character and newline between the two given times. We can enable the multi-line search pattern in pcregrep by providing the -M option. The advantage of using pcregrep is that it’s slightly faster than grep, and we don’t have to refine the matched text with the -Pzo options. The libpcre library is what powers the Perl 5 regular expressions. The pcregrep utility is a grep variant that uses libpcre exclusively. Therefore, we can see two different entries from the log file that matched this pattern. Now, when we combine this regular expression with Dec 25.*\n, we direct grep to match any line inside the log file that starts with Dec 24 until the end of the line, followed by the next immediate line that starts with Dec 25 and ends with a newline. *\n in our case matches any character after Dec 24 until it reaches the newline * in the regular expression will match any character until it reaches a NUL character The pattern signifies that our desired text should start with Dec 24.The -o option enables grep to print only the matched text and ignore trailing spaces.The -z option treats the matched text as a sequence of lines by adding the NUL character to each line’s ending.The -P option enables the PCRE add-on for grep.We can do so with grep as: $ grep -Pzo 'Dec 24.*\nDec 25.*\n' logĭec 24 23:53:31 hey rtkit-daemon: Supervising 8 threads of 5 processes of 1 users.ĭec 25 00:00:31 hey systemd: Starting Daily man-db regeneration. Let’s say we want to find out the last entry of December 24 and the first entry of December 25 in the journald‘s log file. Therefore, it allows us to do more magic with pattern searching. The Perl-Compatible Regular Expression (PCRE) add-on enables us to provide Perl’s regular expressions to grep. The -P option enables the PCRE add-on for grep. While it’s possible to use grep multiple times to achieve the required result, it’s more convenient to use the -P or –perl-regexp option. The problem with using grep‘s regular expression is that the pattern is limited to only a single line.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |