How to use the grep command under Linux to find lines that end with a string

How to search file contents in Linux: advanced grep text search techniques

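I remember once debugging on a server where the log files were several hundred megabytes.
Searching for "error" directly with grep was too slow.
The system at the time was CentOS 7, the shell was bash, and the logs were in the /vol/app/logs directory. I tried grep -r "error" /vol/app/logs and it hung for almost a minute. Later I switched to grep -r --include="*.log" "error" /vol/app/logs.
After I restricted the file type this way, the results came out in about 10 seconds.
This shows that adding restrictions makes grep more efficient.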

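Wait a minute, I have other things to do. Earlier I used grep -n "timeout" access.log to check for nginx timeout errors, only to find that the output was all line numbers.
Suddenly I wanted to know which version of nginx I had, so I had to use grep -n --color=always "timeout" access.log to see it clearly.
This color option is very useful, especially when viewing on a large screen.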

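Suddenly it occurred to me that combining grep with awk would be interesting.
For example, to count the logs at each level, use ps aux | grep nginx | awk '{print $12}' | sort | uniq -c. This combination will help you spot problems quickly.
However, there are many monitoring tools available nowadays.
Using zabbix or prometheus directly may be more convenient.
However, sometimes combining these basic commands is more effective than installing a bunch of new software.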

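But seriously, if you look at access.log and match IP addresses with grep -E "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" access.log, what does the \b in it mean? Is it a word boundary? I checked the man page, and that is how it is designed.
This reminds me of the last time I wrote a parsing script in Python, using re.search(r'\b(192\.168\.1\.1)\b', line), which follows the same idea as grep.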

How to find files whose content contains a specific string under Linux

It really works.

When I was looking for files on Linux systems, grep was really a lifesaver. However, I had not studied regular expressions in depth. They seemed a bit complicated and I didn't dare mess with them. Haha, looking back now, I was really cute back then.

How to find a specified character in a file with Linux commands

Hey, let me tell you about my mess with Linux back then. At that time, the company's servers were full of log files and it was really difficult to find them.
I remember one summer the system suddenly crashed, and I had to find an error record.
I opened the terminal directly and typed grep "error" /var/log/syslog.
As a result, the screen was so dense that I couldn't see it all. This thing is too slow.
Later, a brother taught me to use find to filter first. For example, find /var/log -name "*.log" will only list .log files, and it will be much faster to run grep on those. I tried it at the time, and it was indeed much faster.
However, when there are many files, it will still get stuck.
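Later, I met him again. The file names contained spaces, which messed up the terminal.
This time I learned my lesson and used find -print0 | xargs -0 grep. You see, -print0 correctly handles file names with spaces, and xargs -0 then processes them, which improves efficiency.
When I was looking for 404 errors at the time, I used this method.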
Hey, that was a lot faster than before.
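Another time, I had to check whether a certain configuration in the files had changed in the past three days.
I used find . -type f -mtime -3 -exec grep "config" {} \; directly, which was much more accurate.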
However, the manager was still a little slow. Next, I modified it to find . -type f -mtime -3 -print0 | xargs -0 grep, and it was a little faster.
So as you can see, there is no fixed formula for this; it depends on the actual situation.
If it's simple, use grep. If the directory is deep, use grep -r. If the file name is complex, use find -print0 | xargs -0. Just remember not to panic if something happens.
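
The find -print0 | xargs -0 grep pattern described above, as an added example that is not part of the original post: it builds a constructed temporary log tree (one file name contains a space) and compares the null-delimited search with a plain find | xargs. The function names and the sample files are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example. All file names and log lines below are constructed samples.

# Create a temporary tree and print its path.
make_sample_logs() {
    dir=$(mktemp -d)
    mkdir -p "$dir/app"
    printf 'GET /a 200\nGET /missing 404\n' > "$dir/app/access today.log"
    printf 'error: upstream timeout\n'      > "$dir/app/error.log"
    printf 'error: not a log file\n'        > "$dir/app/notes.txt"
    printf 'error: old entry\n'             > "$dir/app/old.log"
    touch -t 200001010000 "$dir/app/old.log"   # older than any -mtime window
    printf '%s\n' "$dir"
}

# search_recent_logs DIR PATTERN [DAYS]
# Only *.log files modified within DAYS (default 3) are searched. File names
# travel NUL-delimited, so spaces or newlines in a name cannot split it.
# -r (GNU xargs) skips grep entirely when find returns nothing.
search_recent_logs() {
    find "$1" -type f -name '*.log' -mtime "-${3:-3}" -print0 |
        xargs -0 -r grep -H -n -e "$2" --
}

# Same search with whitespace-delimited names, kept only for comparison:
# "access today.log" reaches grep as two nonexistent paths and is skipped.
search_naive() {
    find "$1" -type f -name '*.log' -mtime "-${3:-3}" |
        xargs grep -H -n -e "$2" -- 2>/dev/null
}

demo_dir=$(make_sample_logs)
echo "null-delimited search for 404:"
search_recent_logs "$demo_dir" 404
echo "whitespace-delimited search for 404 (finds nothing):"
search_naive "$demo_dir" 404 || true
rm -rf "$demo_dir"
```

During log triage the whitespace-delimited variant fails quietly: with stderr discarded it looks like "no matches", while the file that holds the entry was never read.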