Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

how do i grep

Posted on 2014-02-24
14
Medium Priority
?
278 Views
Last Modified: 2014-04-15
Hi, I am trying to grep a firewall log, however the results I am getting are far too broad.  I just want lines which have 1.1.1.1 in them.

I tried

grep "1.1.1.1"  * >dump

However, the results are pulling lines that are not 1.1.1.1.  Any suggestions?!?!
0
Comment
Question by:NYGiantsFan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +6
14 Comments
 
LVL 14

Expert Comment

by:comfortjeanius
ID: 39882938
You could try....
grep -o "1.1.1.1"  * >dump

Open in new window

By default grep will show the line which matches the given pattern/string, but if you want the grep to show out only the matched string of the pattern then use the -o option.
0
 
LVL 26

Expert Comment

by:pony10us
ID: 39882989
The syntax of the command as shown:

grep "1.1.1.1" * >dump

You are looking for 1.1.1.1 in any file and attempting to send the results to dump.

Using the ">" operator will overwrite each time.  Try using the ">>" to append. There should also be a space between the ">" and the file name "dump".

My guess is that you are getting results like 1.1.1.10, 1.1.1.11, etc.  To get just 1.1.1.1 try this:

grep -w "1.1.1.1" * >> dump
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39883050
Do you have sample data, result you are getting and what you are expected to see?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 23

Expert Comment

by:savone
ID: 39883121
Also, grep will see the periods or dots as a regular expression.

Try this:

grep -w '1.1.1.1' *

with single quotes telling grep not to expand regular expressions.
0
 
LVL 15

Expert Comment

by:Insoftservice
ID: 39883308
grep -o '1.1.1.1' *>test.log

grep -w 1.1.11 *>test.log
0
 

Author Comment

by:NYGiantsFan
ID: 39883525
sudo grep -o "1.1.1.1" * > dump.log  is producing this output

10.212.10.2-20140221.log:141.131
10.212.10.2-20140221.log:141.131
10.212.10.2-20140221.log:141.131
10.212.10.2-20140221.log:141.131
10.212.10.2-20140221.log:141.131
10.212.10.2-20140221.log:141.131
10.212.10.2-20140221.log:141.131
10.212.10.2-20140221.log:141.131



sudo grep -w "1.1.1.1" * > dump.log is also not producing the wanted results.  

It appears both are reading the below as 1.1.1.1.  Any ideas?

10.212.10.2-20140221.log:Feb 21 04:48:35 10.212.10.2/10.212.10.2 %ASA-6-302014: Teardown TCP connection 510577569 for vlan1510-outside:141.131.19.197/88 to vlan510-inside:10.212.10.106/58769 duration 0:00:00 bytes 1684 TCP FINs
0
 
LVL 15

Expert Comment

by:Insoftservice
ID: 39883574
did you tried with single quotes

grep '^[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}$' file.txt
0
 
LVL 26

Expert Comment

by:pony10us
ID: 39883575
Did you try single quotes as suggested by Savone in ID: 39883121
0
 
LVL 15

Expert Comment

by:Insoftservice
ID: 39883584
grep "1\.1\.1\.1$"  * > dump.log

Try out these one.

I hope its unique LOL
0
 

Author Comment

by:NYGiantsFan
ID: 39883694
grep "1\.1\.1\.1$"  * > dump.log  resulted in this Illegal variable name.
0
 
LVL 44

Expert Comment

by:Darr247
ID: 39883709
So, what does
grep -w '1.1.1.1' *  > dump.log
give?
0
 
LVL 23

Accepted Solution

by:
savone earned 2000 total points
ID: 39884288
You should try all the examples given, it seems you ignored my answer.

QUOTE:
Also, grep will see the periods or dots as a regular expression.

Try this:

grep -w '1.1.1.1' *

with single quotes telling grep not to expand regular expressions.
0
 
LVL 5

Expert Comment

by:Dave Gould
ID: 39884952
savone is right.
the decimal points are seen as wild cards so you are looking for
1- anychar - 1 - any char - 1 - any char - 1 - anything else..

141.131.19.197 falls into this category quite nicely so is being picked out as a positive result.

putting the string in single quotes will stop the dots from being interpreted as wild cards and they will be treated as you intended. ie as dots.
0
 
LVL 3

Expert Comment

by:Kevin Pham
ID: 39967828
Because grep treats the dot and dash as syntax switch... so you'd have to instruct the shell to treat your arguments as literal ... to do that

$ grep -- '1.1.1.1' *

The double dash (--) tells the system to treat everything behind it as "literal" and NOT switches. Try this and update us if it works for you.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses
Course of the Month11 days, 21 hours left to enroll

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question