Grep (global / regular expression / print) is a Unix-based command-line text search utility. It was first developed way back in 1973 (yes, they had computers back then) and to this day it remains an excellent tool for printing data to the screen.
In the past I used Grep for pulling data out of huge text files. A good example of its use can be seen when you are dealing with a lot of data in one file and you only want to display specific information. A few years back I was harvesting emails to send spam (yup... I was one of those annoying spammers – business is business). I used Google and Yahoo search strings to pull data from commercial servers that was unintentionally listed on search engines. I managed to find several text files containing around half a million emails. I wanted to pull out, for example, only the addresses served by Hotmail. Using the standard find app and cut and paste was a huge nightmare in text files. Using Grep I was able to have my computer do the tedious work for me instead, and I was able to process those lists in days rather than months. Grep can also be used for piping specific data from command-line applications. For example, piping specific data from hacking tools to the screen to save us from searching through log files for the information we are trying to find.
Below are some nice examples to get you started with using Grep:
grep apple fruitlist.txt
The above code prints all the lines from the file “fruitlist.txt” containing the sequence of characters specified (in this case “apple”). This also means that lines containing the word “pineapple”, for example, are also printed, because the line contains the specified sequence of characters as well as additional characters. By default Grep's search is case sensitive, so in this example it won’t print the sequence “Apple” (note the capital A) to the command line. The only case where Grep will print the sequence is if you have a word such as “Aapple” or “appleA”.
grep -i apple fruitlist.txt
In the above example the “-i” option turns off the default case-sensitive matching. This means that if the word “Apple” (with a capital A) is written in the file fruitlist.txt, Grep will print it to the screen as well as the word “apple” (without a capital A).
grep -w apple fruitlist.txt
In this example the “-w” option insists that Grep matches the pattern only as a whole word. Words in the fruitlist.txt file such as apples or pineapples won’t be printed to the screen. Only lines containing the exact word “apple” will be printed to the screen. “-w” does not change how case is handled; for that, see the “-i” example.
grep -w -i apple fruitlist.txt
Using what we learned in the other examples, the above code will search for the word “apple” with either capital or lowercase letters. It will also only match those words which match the sequence of characters exactly, meaning only “apple” or “Apple” and not “pineapple” or “Pineapple”.
grep -v apple fruitlist.txt
The above code reverses the sense of the match and prints all lines that do not contain “apple”. So if we have the words seen below in our fruitlist.txt file, grep won’t display any word containing the characters “apple” but it will display all the other words in the text file. This means the words “Apple” and “Pineapple” won’t be displayed.
grep -c "Error" logfile.txt
Another way we can use Grep is to count words. Let's say for the above example you have a log file and you want to count the number of errors per line. Using “-c” we can use the count feature, which will have Grep search the file “logfile.txt” and print the number of times it sees the word “Error” in the document.
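An added example, not part of the original article: the “-c”, “-i”, “-w” and “-v” options from the examples above applied to one small log file. The log contents and the function names are made up for illustration. Note that “-c” reports the number of matching lines, so a line with two hits counts once; “-o” (supported by GNU and BSD grep) is used here to count every occurrence.

```shell
#!/bin/sh
# Constructed sample log for illustration; not taken from the article.
LOG="$(mktemp)"
trap 'rm -f "$LOG"' EXIT
cat > "$LOG" <<'EOF'
2024-01-01 10:00:01 Error: disk full
2024-01-01 10:00:02 error: retrying write
2024-01-01 10:00:03 Error: write failed, Error: giving up
2024-01-01 10:00:04 info: 0 Errors since restart
2024-01-01 10:00:05 info: backup complete
EOF

# Number of lines containing the pattern (case sensitive by default).
count_lines()         { grep -c "$1" "$2"; }

# Same count, but -i also accepts "error", "ERROR" and so on.
count_lines_nocase()  { grep -c -i "$1" "$2"; }

# -w only accepts the pattern as a whole word, so "Errors" is skipped.
count_lines_word()    { grep -c -w "$1" "$2"; }

# -v inverts the match: lines that do NOT contain the pattern.
count_lines_without() { grep -c -v "$1" "$2"; }

# -o prints each match on its own line, so wc -l counts occurrences,
# including the second hit on the 10:00:03 line that -c counts once.
count_occurrences()   { grep -o "$1" "$2" | wc -l | tr -d ' '; }

printf 'lines=%s nocase=%s word=%s without=%s occurrences=%s\n' \
    "$(count_lines Error "$LOG")" \
    "$(count_lines_nocase Error "$LOG")" \
    "$(count_lines_word Error "$LOG")" \
    "$(count_lines_without Error "$LOG")" \
    "$(count_occurrences Error "$LOG")"
```
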
grep AppleTalk /etc/services
The above command asks Grep to look for AppleTalk in the services file located in the directory /etc on Mac OSX (change the path to correspond with your operating system, such as Linux, or on Windows use Grep32 or DOS Grep). The command displays each line that contains the requested string. On Mac OSX it prints the following data to the screen:
echo 4/ddp #AppleTalk Echo Protocol
at-rtmp 201/udp # AppleTalk Routing Maintenance
at-rtmp 201/tcp # AppleTalk Routing Maintenance
at-nbp 202/udp # AppleTalk Name Binding
at-nbp 202/tcp # AppleTalk Name Binding
at-3 203/udp # AppleTalk Unused
at-3 203/tcp # AppleTalk Unused
at-echo 204/udp # AppleTalk Echo
at-echo 204/tcp # AppleTalk Echo
at-5 205/udp # AppleTalk Unused
at-5 205/tcp # AppleTalk Unused
at-zis 206/udp # AppleTalk Zone Information
at-zis 206/tcp # AppleTalk Zone Information
at-7 207/udp # AppleTalk Unused
at-7 207/tcp # AppleTalk Unused
at-8 208/udp # AppleTalk Unused
at-8 208/tcp # AppleTalk Unused
So now that you have the basics of Grep down, I suggest you play around in it and use some of the above strings to search for data on your own computer. In some future tutorials I will be using Grep for piping data from scripts and log files, so if you plan to follow me and engulf yourself in a world of hacking fun then read over this article again and try to get familiar with Grep. If you don’t use it along with my tutorials then I’m sure some time in the future it will become quite a handy tool for you when you're trying to search through a large number of files. It beats downloading spyware-infested shareware that does the same job with a crappy GUI.