Solved

Linux Best Way to Highlight text within Log File

Posted on 2015-01-04
19
210 Views
Last Modified: 2015-01-12
In Linux was is the best command to use to search for and highlight text when in a log file that matches or starts with a specific sequence. For example should I use more, less , VI...etc..
0
Comment
Question by:compdigit44
  • 6
  • 3
  • 3
  • +4
19 Comments
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40530758
depends on what distribution and version
newer releases will have highlighting when searching for strings in more, less, vi, emacs, grep
0
 
LVL 19

Author Comment

by:compdigit44
ID: 40531387
Thanks...

I found how to search for text using vi but was not successful using more or less. What is the proper syntax of each on Redhat / Fedora release
0
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40532700
commands are the same on both distributions

you can either use it directly or pipe text

more foo.txt
cat foo.txt | more


less foo.txt
cat foo.txt | less


either way you can press forward slash (/) while in it then type your search pattern
0
 
LVL 19

Author Comment

by:compdigit44
ID: 40534608
thanks...

for / startng the search ...

Why would you use cat over more or less...
0
 
LVL 19

Author Comment

by:compdigit44
ID: 40536858
When I type in more filename it open but when I type "/" it states: Enter:next line Space: next page Q: quit R:show the rest....
0
 
LVL 19

Expert Comment

by:NickUpson
ID: 40543070
more myfile
/ mystring

you could use vim, which has highlighting

or use grep, which will search the entire file non-interactive
0
 
LVL 23

Expert Comment

by:savone
ID: 40543074
Grep is most commonly used to search for strings inside of a text file.  It will (sometimes depending on version) highlight the text, but it will also only show the lines with the search string in them

example:

grep string filename.log
0
 
LVL 19

Author Comment

by:compdigit44
ID: 40543136
Thank you very much... I am trying to understand what I got this message thought when trying to search for text using the more command... Enter:next line Space: next page Q: quit R:show the rest....

I did select / < stringName>
0
 
LVL 19

Expert Comment

by:NickUpson
ID: 40543139
th emore command has shown a page (or believes it has) and is prompting you to see if you want the next line or page or the rest ...
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 37

Accepted Solution

by:
Gerwin Jansen earned 167 total points
ID: 40543380
In less, you can search for a text in forward direction using /<string> and <enter>.
If you want to search in backward direction it is ?<string> and <enter>. If a matching string is found, it is highlighted on screen. To repeat the search in the same direction press n. You can press g to go to the first line and G to go to the last line.

Can you show a sample of the sequence you're looking for and a sample file maybe?
0
 
LVL 27

Expert Comment

by:serialband
ID: 40543381
I would also suggest installing mtail to syntax highlight your log files.  http://freecode.com/projects/mtail
0
 
LVL 34

Assisted Solution

by:Duncan Roe
Duncan Roe earned 166 total points
ID: 40543386
less has far more facilities than more. In less, searches are regular expressions, for which see man grep.
To see what version of less you have, enter less --version. This can be more important to know than the distribution.
I have less 451 (POSIX regular expressions) and as far as I can tell this implements everything in the grep man page. In particular, you can search for a string as a word by enclosing it in escaped angle brackets e.g.
/\<PAGE\>

Open in new window


in my .bashrc highlights PAGE but not PAGER.
Note there must not be a space between the forward-slash and the search string.
Please post sample strings you are trying to find if you need more to go on.
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 40543387
Also in less you can use N to search in the opposite direction from n
If you press h, you get help on this and all the other available controls
0
 
LVL 19

Author Comment

by:compdigit44
ID: 40543421
Thanks everyone... I and just tring to understand things better..

On a sample log file I type in: more syslog.log and can view the file page by page. When I type / <string> it does not search for text...

When I use less and the / command it does work..

I am also trying to understand Seth Simmons response post number 40532700
0
 
LVL 23

Assisted Solution

by:savone
savone earned 167 total points
ID: 40543445
Using the more command is a bad way to search for text.  Using the +/"string" will search, but it will show the complete file after finding the first match to the string.

Here is an example:

more +/"string" filename.txt

The grep command is more suited for searching strings and displaying lines with those strings.

As far as Seth's comments he was just showing the basic usage of more and less commands.
0
 
LVL 19

Author Comment

by:compdigit44
ID: 40543448
thanks...

It sounds like if I want to search for text in a file grep and less are best choices
0
 
LVL 23

Expert Comment

by:savone
ID: 40543507
I would say grep would be your best option.
0
 
LVL 19

Expert Comment

by:NickUpson
ID: 40543773
less is interactive
grep is not

you may want to do "grep string filename | less"
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now