sharingsunshine
asked on
Need Multiple Patterns In Grep
I have the need to grep a log file on a continuous basis. I have it broken down to 3 steps I can get two of them to work but I am unclear how to add the 3rd grep.
This works but it doesn't cull out the .jpg and such from the list.
egrep -w "Nov" /var/log/access.log | grep -P 'HTTP/1.1\" 404' /var/log/access.log
This is what I have tried that doesn't work.
egrep -w "Nov" /var/log/access.log | grep -v -E "favicon.ico|robots.txt|ma ilalerts.j s|btn_bg.g if|cgi-bin |.jpg"
| grep -P 'HTTP/1.1\" 404' /data/log/access_thp.log-2 0141109
Obviously, I want a way to add in the following portion to a grep that works.
grep -v -E "favicon.ico|robots.txt|ma ilalerts.j s|btn_bg.g if|cgi-bin |.jpg"
Thanks,
This works but it doesn't cull out the .jpg and such from the list.
egrep -w "Nov" /var/log/access.log | grep -P 'HTTP/1.1\" 404' /var/log/access.log
This is what I have tried that doesn't work.
egrep -w "Nov" /var/log/access.log | grep -v -E "favicon.ico|robots.txt|ma
| grep -P 'HTTP/1.1\" 404' /data/log/access_thp.log-2
Obviously, I want a way to add in the following portion to a grep that works.
grep -v -E "favicon.ico|robots.txt|ma
Thanks,
Can you give an example of a line that was returned by your grep attempts that you did not want, or a line that was not returned that you did want?
You'd normally pipe multiple grep's after each other like this:
egrep -w "Nov" /var/log/access.log | grep "something" | grep "something again" | grep ...
egrep -w "Nov" /var/log/access.log | grep "something" | grep "something again" | grep ...
ASKER
When I pipe them together it stops the 404 grep. Consequently, I get all the file types not just the 404's. Here is what I tried combining them as you suggested:
egrep -w "Nov" /data/log/access_thp.log-2 0141109 | grep -v -E "favicon.ico|robots.txt|ma ilalerts.j s|btn_bg.g if|cgi-bin |.jpg"
| grep -P 'HTTP/1.1\" 404
That file name was a misprint on my part it should be /var/log/access.log instead.
here is an example what i want to remove from
1.1.1.1 - - [11/Nov/2014:15:19:37 +0000] "GET /392-large_default/Black_W alnut_100_ Capsules_p _658.jpg HTTP/1.1" 404 281
egrep -w "Nov" /data/log/access_thp.log-2
| grep -P 'HTTP/1.1\" 404
That file name was a misprint on my part it should be /var/log/access.log instead.
here is an example what i want to remove from
1.1.1.1 - - [11/Nov/2014:15:19:37 +0000] "GET /392-large_default/Black_W
If you want to remove
1.1.1.1 - - [11/Nov/2014:15:19:37 +0000] "GET /392-large_default/Black_W alnut_100_ Capsules_p _658.jpg HTTP/1.1" 404 281
then shouldn't it be
grep -v 'HTTP/1.1\" 404'
1.1.1.1 - - [11/Nov/2014:15:19:37 +0000] "GET /392-large_default/Black_W
then shouldn't it be
grep -v 'HTTP/1.1\" 404'
ASKER
sorry I didn't reference back to the original question. I want the 404's I don't want the specific file types. You asked for an example of what I didn't want. Which is this line because it is referencing the .jpg file type.
1.1.1.1 - - [11/Nov/2014:15:19:37 +0000] "GET /392-large_default/Black_W alnut_100_ Capsules_p _658.jpg HTTP/1.1" 404 281
Even though this is a 404 I don't want any of these file types
grep -v -E "favicon.ico|robots.txt|ma ilalerts.j s|btn_bg.g if|cgi-bin |.jpg"
1.1.1.1 - - [11/Nov/2014:15:19:37 +0000] "GET /392-large_default/Black_W
Even though this is a 404 I don't want any of these file types
grep -v -E "favicon.ico|robots.txt|ma
grep -e cat -e dog -e -i november -e -v 2014
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Great job, thanks for the help and the line of code.
Do you want to grep in that file as well?