Linux下grep、tail、wc、awk文件处理命令
grep
Linux系统中grep命令是一种强大的文本搜索工具,它能使用正则表达式搜索文本,并匹配行打印出来。
命令语法:
usage: grep [-abcDEFGHhIiJLlmnOoqRSsUVvwxZ] [-A num] [-B num] [-C[num]]
[-e pattern] [-f file] [--binary-files=value] [--color=when]
[--context[=num]] [--directories=action] [--label] [--line-buffered]
[--null] [pattern] [file ...]
命令实例:
-c:计算匹配到的行数,并显示结果;
➜ ~ ping www.cnblogs.com > blog.log | tail -f blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.616 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=26.738 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.482 ms
64 bytes from 42.121.252.58: icmp_seq=3 ttl=32 time=26.485 ms
64 bytes from 42.121.252.58: icmp_seq=4 ttl=32 time=26.325 ms
^C
➜ ~ grep -c 26.616 blog.log
1
-C 2:显示匹配行,并显示之前与之后的两行,也就是一共显示5行;
➜ ~ grep -C 2 26.616 blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.616 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=26.738 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.482 ms
-A 2:显示匹配行,并显示之后的两行;
➜ ~ grep -A 2 26.616 blog.log
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.616 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=26.738 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.482 ms
-v:显示不包含匹配行的所有行;
➜ ~ grep -v 26.616 blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=26.738 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.482 ms
64 bytes from 42.121.252.58: icmp_seq=3 ttl=32 time=26.485 ms
64 bytes from 42.121.252.58: icmp_seq=4 ttl=32 time=26.325 ms
-color:显示匹配内容,并用不同颜色突出显示;
➜ ~ grep --color 26.616 blog.log
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.616 ms
tail
tail命令是线上机器查看log最常用的命令,可以从指定点开始将文件写到标准输出,tail -f 可以查看不停打出的日志文件,使你看到最新的log日志。
命令语法:
usage: tail [-F | -f | -r] [-q] [-b # | -c # | -n #] [file ...]
命令实例:
-f:监视File文件增长;
➜ ~ ping www.cnblogs.com > blog.log | tail -f blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.250 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=25.807 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=25.966 ms
64 bytes from 42.121.252.58: icmp_seq=3 ttl=32 time=25.939 ms
64 bytes from 42.121.252.58: icmp_seq=4 ttl=32 time=25.833 ms
64 bytes from 42.121.252.58: icmp_seq=5 ttl=32 time=25.862 ms
一直显示下去。。。
-q:与-f相反,将文件内容直接显示出来,默认显示文件从后往前数10行的内容;
➜ ~ tail -q blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=26.250 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=25.807 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=25.966 ms
64 bytes from 42.121.252.58: icmp_seq=3 ttl=32 time=25.939 ms
64 bytes from 42.121.252.58: icmp_seq=4 ttl=32 time=25.833 ms
64 bytes from 42.121.252.58: icmp_seq=5 ttl=32 time=25.862 ms
-n:从后往前数,显示指定的行数,一般-f结合使用:-fn,比如-fn 20,一次当前显示文件的最后20行,并不停显示文件的最新内容;
➜ ~ ping www.cnblogs.com > blog.log | tail -fn 1 blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=25.813 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=26.363 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.218 ms
64 bytes from 42.121.252.58: icmp_seq=3 ttl=32 time=26.292 ms
一直显示下去。。。
显示文件内容的同时,显示行号(并不是文件的行号,而是当前显示的行号):
➜ ~ ping www.baidu.com > baidu.log | tail -fn 500 baidu.log | awk '{print NR,$0}' 【或者 ping www.baidu.com > baidu.log | tail -fn 500 baidu.log | cat -n】
1 PING www.a.shifen.com (61.135.169.125): 56 data bytes
2 64 bytes from 61.135.169.125: icmp_seq=0 ttl=51 time=6.030 ms
3 64 bytes from 61.135.169.125: icmp_seq=1 ttl=51 time=3.815 ms
4 64 bytes from 61.135.169.125: icmp_seq=2 ttl=51 time=3.964 ms
5 64 bytes from 61.135.169.125: icmp_seq=3 ttl=51 time=3.775 ms
从后往前数文件2行直接显示出来:
tail -n 2 baidu.log
从文件的第二行开始显示文件剩余部分:
tail -n +2 baidu.log
wc
Linux wc命令用于计算字数。利用wc指令我们可以计算文件的Byte数、字数、或是列数,不制定文件名或者文件名为“-”,则wc会从标准输入设备读取数据。
命令语法:
usage: wc [-clmw] [file ...]
命令实例:
-c 或--bytes或--chars显示Bytes数:
➜ ~ cat blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=25.762 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=25.733 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.556 ms
➜ ~ wc -c blog.log
238 blog.log
显示行数:-l,显示字数或单词数:-w:
➜ ~ wc -l blog.log
4 blog.log
➜ ~ wc -w blog.log
30 blog.log
不过以上都可以直接wc filename,输出值的含义对应上面两个例子:
➜ ~ wc blog.log
4 30 238 blog.log
awk
awk是一种处理文本文件的语言,是一个强大的文本分析工具。
命令语法:
awk [选项参数] 'script' var=value file(s)
或
awk [选项参数] -f scriptfile var=value file(s)
命令实例:
直接看栗子,就不解释了:
➜ ~ cat blog.log
PING www.cnblogs.com (42.121.252.58): 56 data bytes
64 bytes from 42.121.252.58: icmp_seq=0 ttl=32 time=25.762 ms
64 bytes from 42.121.252.58: icmp_seq=1 ttl=32 time=25.733 ms
64 bytes from 42.121.252.58: icmp_seq=2 ttl=32 time=26.556 ms
➜ ~ awk '{print $1 $2}' blog.log
PINGwww.cnblogs.com
64bytes
64bytes
64bytes
➜ ~ awk '{print $1 " ->> "$2}' blog.log
PING ->> www.cnblogs.com
64 ->> bytes
64 ->> bytes
64 ->> bytes
awk的详情看这里