grep
- 1. grep正则过滤---基本正则匹配
- 1.1 * 0或多个
- 1.2 \ < 词首定位符号 \ >词尾定位符号
- 1.3 ^ 以什么开头
- 1.4 $ 以什么结尾
- 1.5 . 匹配单个字符
- 1.6 .* 任意多个字符
- 1.7 [ ] 匹配方括号中的任意一个字符
- 1.8 [ - ] 匹配指定范围内的一个字符
- 1.9 [^ ] 匹配不在指定组内的字符
- 2. grep扩展正则匹配---egrep
grep命令是Globally search a Regular Expression and Print的缩写,表示进行全局的正则匹配并进行打印。
grep的相关扩展命令包括egrep和fgrep,其中egrep支持更多的正则匹配,fgrep只进行字符的匹配,不支持正则表达式。
[root@localhost ~]# grep '^#' /etc/ssh/ssh_config //过滤以#号开头的行
[root@localhost ~]# grep '^#.*no$' /etc/ssh/ssh_config //匹配以#开头,以no结尾
#ForwardAgent no
#ForwardX11 no
#RhostsRSAAuthentication no
#HostbasedAuthentication no
#GSSAPIAuthentication no
#GSSAPIDelegateCredentials no
#GSSAPIKeyExchange no
#GSSAPITrustDNS no
#BatchMode no
#Tunnel no
#PermitLocalCommand no
#VisualHostKey no
#CheckHostIP no
[root@localhost ~]# grep -v '^#' /etc/ssh/ssh_config //-v:取反,表示反向查找
[root@localhost ~]# grep 'port' /etc/ssh/ssh_config
[root@localhost ~]# grep -i 'port' /etc/ssh/ssh_config //-i忽略大小写
[root@localhost ~]# grep 'bash' /opt/test/ //过滤某个目录下面带有bash的行
[root@localhost ~]# grep -r 'bash' /opt/test/ //-[r|R]表示递归查询
//递归查询:搜索当前目录和所有子目录中的文件
[root@localhost tmp]# cat a.txt
love
love you
i love you
[root@localhost tmp]# cat b.txt
do you love me
love you
i love you
[root@localhost tmp]# grep -r "love" . //.代表当前目录
./a.txt:love
./a.txt:love you
./a.txt:i love you
./b.txt:do you love me
./b.txt:love you
./b.txt:i love you
1. grep正则过滤—基本正则匹配
1.1 * 0或多个
[root@localhost ~]# useradd abrt
[root@localhost ~]# grep 'abr*' /etc/passwd
abrt:x:1041:1041::/home/abrt:/bin/bash
1.2 \ < 词首定位符号 \ >词尾定位符号
[root@localhost ~]# cat jack.txt
Jack JACK JAck jackly jack
//以J或者j开头,以ack结尾全局(g)匹配出来的结果全部替换成123
:%s/\<[Jj]ack\>/123/g
:%s#\<[Jj]ack\>#123#g //即/可以用#表示
参数解释:
%s/foo/bar/g:用bar替换每一行的foo
% 表示所有行
s 用来替换文本
/foo/ 指定被替换的模式
/bar/ 指定替换成的文本
/g 匹配模式出现多次时也替换
1.3 ^ 以什么开头
[root@localhost ~]# grep '^root' /etc/passwd
root:x:0:0:root:/root:/bin/bash
1.4 $ 以什么结尾
[root@localhost ~]# grep 'bash$' /etc/passwd
root:x:0:0:root:/root:/bin/bash
confluence:x:1000:1000:Atlassian Confluence:/home/confluence:/bin/bash
to:x:1003:1003::/home/to:/bin/bash
1.5 . 匹配单个字符
[root@localhost ~]# grep 'r..t' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
dockerroot:x:998:995:Docker User:/var/lib/docker:/sbin/nologin
[root@localhost ~]# grep 'r.t' /etc/passwd
operator:x:11:0:operator:/root:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
1.6 .* 任意多个字符
[root@localhost ~]# grep 'r.*t' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin polkitd:x:999:997:User for polkitd:/:/sbin/nologin postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin dockerroot:x:998:995:Docker User:/var/lib/docker:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
abrt:x:1041:1041::/home/abrt:/bin/bash
1.7 [ ] 匹配方括号中的任意一个字符
[root@localhost ~]# grep 'Root' /etc/passwd
[root@localhost ~]# grep '[Rr]oot' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
dockerroot:x:998:995:Docker User:/var/lib/docker:/sbin/nologin
1.8 [ - ] 匹配指定范围内的一个字符
[root@localhost ~]# grep [a-z]oot /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
dockerroot:x:998:995:Docker User:/var/lib/docker:/sbin/nologin
1.9 [^ ] 匹配不在指定组内的字符
[root@localhost ~]# grep '[^0-9]oot' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
dockerroot:x:998:995:Docker User:/var/lib/docker:/sbin/nologin[root@localhost ~]# grep '[^0-9A-Z]oot' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
dockerroot:x:998:995:Docker User:/var/lib/docker:/sbin/nologin
[root@localhost ~]# grep '[^0-9A-Za-z]oot' /etc/passwd //A-Z只是大写的
[root@localhost ~]#
[root@newrain ~]# useradd Root
[root@newrain ~]# grep '[A-Za-z]oot' /etc/passwd //a-z
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
dockerroot:x:998:995:Docker User:/var/lib/docker:/sbin/nologin Root:x:1042:1042::/home/Root:/bin/bash
[root@localhost ~]# grep '^[rc]oot' /etc/passwd
root:x:0:0:root:/root:/bin/bash
//注意:^在[]内表示取反,^在[]外表示以什么开头
2. grep扩展正则匹配—egrep
| 扩展正则表达式元字符 | 功能 | 示例 |
|---|---|---|
| + | 匹配一次或多次前导字符 | [a-z]+ove |
| ? | 匹配零次或一次前导字符 | lo?ve |
| a|b | 匹配a或b | love|hate |
| x{m} | 字符x重复m次 | o{5} |
| x{m,} | 字符x重复至少m次 | o{5,} |
| x{m,n} | 字符x重复m到n次 | o{5,10} |
| () | 字符组 | love(able|rs)ov |
[root@localhost ~]# cat /etc/resolv.conf //DNS配置文件
#Generated by NetworkManager
search localdomain
nameserver 223.5.5.5
nameserver 114.114.114.114
//匹配4位数的数字最少出现1-3次
[root@localhost ~]# egrep '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}' /etc/resolv.conf
nameserver 223.5.5.5
nameserver 114.114.114.114
//匹配第一位数的数字最少出现3次,后面3位数不指定出现次数
[root@localhost ~]# egrep '[0-9]{3,}.[0-9].[0-9].[0-9]' /etc/resolv.conf
nameserver 223.5.5.5
//匹配4位数的数字最少出现3次
[root@localhost ~]# egrep '[0-9]{3,}.[0-9]{3,}.[0-9]{3,}.[0-9]{3,}' /etc/resolv.conf
nameserver 114.114.114.114
[root@localhost ~]# ip a| egrep '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'inet 127.0.0.1/8 scope host loinet 192.168.17.128/24 brd 192.168.17.255 scope global ens33
[root@localhost ~]# ifconfig| egrep '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'inet 192.168.17.128 netmask 255.255.255.0 broadcast 192.168.17.255inet 127.0.0.1 netmask 255.0.0.0
//+ 匹配一个或多个前导字符
[root@localhost ~]# egrep 'ro+t' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
dockerroot:x:998:995:Docker User:/var/lib/docker:/sbin/nologin
//? 匹配零次或一次前导字符
[root@localhost ~]# egrep 'sys?' /etc/passwd
sync:x:5:0:sync:/sbin:/bin/sync
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
//a|b 匹配a或b
[root@localhost ~]# netstat -anlp|egrep ':80|:22'
[root@localhost ~]# egrep 'root|alice' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
dockerroot:x:998:995:Docker User:/var/lib/docker:/sbin/nologin
//x{m} 字符x重复m次
[root@localhost ~]# cat a.txt
love
love.
loove
looooove
[root@localhost ~]# egrep 'o{2}' a.txt
loove
looooove //这里是匹配到oooo
[root@localhost ~]# egrep 'o{2,}' a.txt
loove
looooove
[root@localhost ~]# egrep 'o{6,7}' a.txt
总结:
没有括号看前面的一个字符
love* 出现0-n次
love? 出现0-1次
love+ 出现1-n次
love{2} 出现2次
有括号表示一个组
lo(ve)* 出现0-n次
lo(ve)? 出现0-1次
l(ove)+ 出现1-n次
lo(ve){4} 出现4次
)
)
)
