Help with grep/egrep in Bash

Toggle sidebar Toggle sidebar
Saint Nick

Saint Nick

Lifer
Jan 21, 2005
17,722
6
81
Given a snippet of my log file:

Code: 
SYSLCJ1=/tmp/DEVL/tigsmd31.log.DEVL.x6791.tibmd31.s14602
TMPLCJ1=/tmp/tigsmd31.scr.DEVL.x6791.tibmd31.s14602
JobSk1=/tmp/tigsmd31.jsk.DEVL.x6791.tibmd31.s14602
SYSLCJ1=/tmp/DEVL/tigsmd31.log.DEVL.x6791.tibmd31.s14602
End of awk.................
view 
10/19/2011 06:24:17.999586,    x7541, End PD03 (panel TIMD030) Txntime 0.914656 sec, pid 2177207
10/19/2011 06:24:19 accept() connection from 10.30.71.3 on socket 12
10/19/2011 06:24:20.383576,    x7541, Begin PD03, pid 1303801
10/19/2011 06:24:21.447600,    x7541, End PD03 (panel TIMD03A) Txntime 1.064024 sec, pid 1303801
10/19/2011 06:24:23 accept() connection from 10.30.71.3 on socket 12
10/19/2011 06:24:23.863714,    x7541, Begin PD03, pid 1303901
10/19/2011 06:24:25.947599,    x7541, End PD03 (panel TIMD03A) Txntime 2.083885 sec, pid 1303901
10/19/2011 06:24:26 accept() connection from 10.30.71.3 on socket 12
10/19/2011 06:24:26.719516,    x7541, Begin PD03, pid 1304001
10/19/2011 06:24:31.882506,    x7541, End PD03 (panel TIMD030) Txntime 5.162990 sec, pid 1304001

I would like to only keep lines that begin with a date.

I create the following egrep command, but it doesn't work right.

Code: 
egrep '[0-12]/[0-31]/[2010-2100]' logfile.out

My log there was to grab anything with the date...but it doesn't work...any tips?
 
M

mundane

Diamond Member
Jun 7, 2002
5,603
8
81
egrep "^[0-9]+/[0-9]+/[0-9]+ .*$" logfile

A bit greedy, but does the job.
 
Saint Nick

Saint Nick

Lifer
Jan 21, 2005
17,722
6
81
Mundane that worked...I think I understand your grep code but, I guess I don't understand how UNIX knows what to do? Even though you specified 0-9, how does it know to also look at double digits for the months and days, and four digits for the years?

Is it just looking at the numbers in between the back slashes?

For example, even if the date looked like this:

Code: 
90/10/2031

It would still work?
 
M

mundane

Diamond Member
Jun 7, 2002
5,603
8
81
Saint Nick said:
Mundane that worked...I think I understand your grep code but, I guess I don't understand how UNIX knows what to do? Even though you specified 0-9, how does it know to also look at double digits for the months and days, and four digits for the years?

Is it just looking at the numbers in between the back slashes?

For example, even if the date looked like this:

Code: 
90/10/2031

It would still work?
Click to expand...

"+" means one or more repetitions, so it would match 0, 9, 09, 9000, etc. You can specifically enumerate the acceptable values to tighten it down, e.g. "[0-1]?[0-9]" to better match the month. It says '0 or 1 occurrences of 1 or 0, followed by a mandatory single digit between 0 and 9'.

My original grep string *would* pickup your incorrect date. This would be more discriminating:
egrep "^[0-1]?[0-9]+/[1-3]?[0-9]/2[0-1][0-9][0-9] .*$" logfile
 
Last edited:
Saint Nick

Saint Nick

Lifer
Jan 21, 2005
17,722
6
81
Thank you for the fabulous explanation :) Really helped me out to better understand egrep :)
 
K

kedlav

Senior member
Aug 2, 2006
632
0
0
-o returns only the matching expression, though this is generally only found with GNU versions of grep
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom