Mastering grep : A Comprehensive Guide with Advanced Examples

The grep command is a powerful text-searching utility that can be used to filter and analyze large amounts of data quickly. While macOS comes with BSD grep, you can install GNU grep via Homebrew for additional features. This guide will take you from basic usage to advanced techniques, including recursive searching, pattern matching, and performance optimization.

1. Basic Syntax of grep

grep [OPTIONS] "pattern" filename

• pattern – The text or regular expression to search for.
• filename – The file(s) to be searched.

For example, to search for “error” in a file called log.txt:

grep "error" log.txt

2. Commonly Used Options

2.1 Case-Insensitive Search (-i)

grep -i "error" log.txt

Matches “error,” “Error,” “ERROR,” etc.

2.2 Recursive Search (-r)

grep -r "error" /var/log/

Searches all files under /var/log/.

2.3 Show Line Numbers (-n)

grep -n "error" log.txt

Displays matched lines with line numbers.

2.4 Whole Word Match (-w)

grep -w "error" log.txt

Matches “error” but not “errors” or “erroneous.”

2.5 Invert Match (Exclude Lines) (-v)

grep -v "error" log.txt

Prints all lines that do not contain “error.”

2.6 Count Matches (-c)

grep -c "error" log.txt

Returns the number of matching lines.

2.7 Multiple Patterns (-E)

grep -E "error|warning|failed" log.txt

Matches “error,” “warning,” or “failed.”

3. Advanced Techniques

3.1 Extracting Only Matching Words (-o)

grep -o "error" log.txt

Outputs only the word “error” for each occurrence.

3.2 Displaying Context Lines (-A, -B, -C)

Show 3 lines after a match:

grep -A 3 "error" log.txt

Show 3 lines before a match:

grep -B 3 "error" log.txt

Show 3 lines before and after a match:

grep -C 3 "error" log.txt

3.3 Using Grep with Regular Expressions

Match a phone number format:

grep -E "[0-9]{3}-[0-9]{3}-[0-9]{4}" contacts.txt

Find email addresses:

grep -E "[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}" emails.txt

Find lines that start with “ERROR”:

grep -E "^ERROR" log.txt

Find lines ending with “failed”:

grep -E "failed$" log.txt

4. Searching in Multiple Files

4.1 Search in All .log Files

grep "error" *.log

4.2 Search in Multiple Files

grep "error" log1.txt log2.txt

4.3 Search in All Files in a Directory

grep -r "database connection" /var/log/

5. Combining grep with Other Commands

5.1 Filtering Running Processes

ps aux | grep "node"

Lists all processes related to Node.js.

5.2 Finding Files Containing a Specific Word

find /var/www -type f -exec grep -l "database" {} +

Lists files in /var/www containing "database."

5.3 Monitoring Log Files in Real-Time

tail -f /var/log/syslog | grep "error"

Continuously monitors /var/log/syslog for new lines containing "error."

5.4 Finding Unique Matches

grep "error" log.txt | sort | uniq

Filters duplicate matches.

6. Performance Optimization

6.1 Faster Search with -F

grep -F "error" log.txt

Disables regex for better performance.

6.2 Parallel Grep with xargs

find . -type f -name "*.log" | xargs -P 4 grep "error"

Utilizes multiple CPU cores for faster searching.

7. Searching in Current Directory Recursively

Search recursively in the current directory:

grep -r "pattern" .

Exclude a specific folder while searching:

grep -r --exclude-dir=folder_to_skip "pattern" .

Exclude multiple directories:

grep -r --exclude-dir={dir1,dir2} "pattern" .

Match words containing “log”:

grep -r -E "\w*log\w*" .

Exclude node_modules and .yarn directories:

grep -r --exclude-dir={node_modules,.yarn} -E "\w*log\w*" .

Exclude yarn.lock file along with directories:

grep -r --exclude-dir={node_modules,.yarn} --exclude=yarn.lock -E "\w*log\w*" .

8. Installing GNU grep on macOS

macOS ships with BSD grep, which lacks some features. Install GNU grep via Homebrew:

brew install grep

Use ggrep instead of grep:

ggrep --color=auto "error" log.txt

9. Practical Use Cases

9.1 Searching for Errors in System Logs

grep -i "error" /var/log/system.log

9.2 Finding Requests from a Specific IP

grep "192.168.1.1" /var/log/nginx/access.log

9.3 Extracting All TODO Comments from Code

grep -r "TODO" ~/projects/

9.4 Checking for Failed SSH Login Attempts

grep "Failed password" /var/log/auth.log

9.5 Extracting All Links from an HTML File

grep -o 'http[s]*://[^"]*' index.html

9.6 Recursive Search for Words Containing “log” with Line Numbers and Context in macOS/Linux

grep -A 3 -n -r --exclude-dir={node_modules,.yarn} --exclude=yarn.lock -E "\w*log\w*" .

10. Conclusion

The grep command is an essential tool for developers, system administrators, and power users. Whether you're debugging logs, searching through code, or analyzing text files, grep can significantly boost your efficiency. By integrating grep with regular expressions, find, and xargs, you can enhance your text-processing skills and streamline your workflow.

Start practicing these advanced techniques today and make your searches more efficient!