grep - Global Regular Expression Print
It basically searches for patterns in text (files or streams) using regular expressions.
grep [option] pattern [file..]
Essential Options
| Option | Description |
|---|---|
| -i | Ignore case |
| -r/-R | Recursive search in directories |
| -n | Show line number |
| -v | Invert match (shows text that doesn’t match) |
| -c | Count matching lines |
| -l | List filenames with match |
| -H | Show filename with match (useful when grepping multiple files) |
| --color=auto | Highlight matches |
| -E / -e | Use extended regex (like egrep) |
| -F | Fixed string search (no regex + faster) |
Example
grep "error" /var/log/syslog # shows text that matches "error"
grep -i "warning" *.log # case insensitive
grep -r "failed password" /var/log
grep -v "^#" /etc/ssh/ssh_config # invert match; in this case it excludes the comment lines
grep -c "404" access.log # count the lines that contain "404"
Exercises
- Find all case-insensitive matches of the word `failed` in `/var/log/auth.log`.
grep -i failed /var/log/auth.log
- Search all `.conf` files in `/etc` for lines containing `PermitRootLogin`.
grep -r PermitRootLogin /etc --include="*.conf"
- List files under `/var/log` that contain the word `kernel`.
grep -rl kernel /var/log
- Show all non-comment lines from `/etc/fstab`.
grep -v "^#" /etc/fstab
- Count how many times the word `sshd` appears in `/var/log/messages`.
grep -c sshd /var/log/messages
find - Locate Files Based On Attributes
It basically searches for files and directories based on name, size, date, permissions, etc. In simple terms, it searches using metadata of the files and directories rather than just using the name of the file.
find [path] [expression]
Essential Options
| Option | Description |
|---|---|
| -name "pattern" | Match file/directory name (case-sensitive) |
| -iname "pattern" | Match file/directory name (case-insensitive) |
| -wholename "pattern" | Matches the whole file/directory name (case-insensitive) |
| -type f/d | File (f) or directory (d) |
| -size [+/-]N[c/k/M/G] | File size |
| -mtime [+/-N] | Modified exactly N days ago (+N older, -N newer) |
| -newer file | Modified after a specific date |
| -perm | Permissions (e.g. 644/u+w) |
| -user / -group | Owned by user/group |
| -exec CMD {} \; | Execute command on result |
| -delete | Delete matching files (not recommended for beginners) |
| -maxdepth / -mindepth | Limit directory traversal |
Example
find / -name "iamyaash"
find /etc -type f -iname "*.conf"
find /home -type f -size +100M
find /var/log -mtime -2
find /tmp -type f -user iamyaash
find . -type f -name "*.log" -exec grep -H "error" {} \;
Exercises
- Find all `.log` files modified in the last 2 days in `/var/log`.
find /var/log -type f -mtime -2 -name "*.log"
- Search for files larger than `10MB` in your home directory.
find /home/iamyaash -type f -size +10M
- Find all `.ssh` scripts and list their permissions.
find . -type f -name "*.ssh" -exec ls -l {} \;
- Delete all `.tmp` files in `/tmp` older than 7 days.
find /tmp -type f -name "*.tmp" -mtime +7 -exec rm -rf {} \;
- Combine `find` and `grep` to search for “database” in all `.conf` files under `/etc`.
find /etc -type f -name "*.conf" -exec grep "database" {} \;
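Going one step past the last exercise, this added example (not part of the original page) combines `find` and `grep` to report only the active, non-comment lines that set a directive, with the filename and line number of each hit. The function names `find_directive` and `make_sample` and the sample config tree are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original page. Names and sample files are
# hypothetical and exist only for this demonstration.

# find_directive DIR REGEX
# Print "file:line:text" for every active line in any *.conf file under DIR
# that contains REGEX (extended regex, matched case-insensitively).
find_directive() {
    # ^[[:space:]]*        optional indentation
    # ([^#[:space:]].*)?   optional leading text that does not start with '#'
    # so a line whose first non-blank character is '#' can never match.
    # Only full-line comments are excluded; trailing comments are not parsed.
    #
    # "{} +" passes many files to a single grep, each name as one argument,
    # so names containing spaces stay intact. -H prints the filename even
    # when find hands grep only one file, -n adds the line number.
    find "$1" -type f -name "*.conf" \
        -exec grep -HniE -- "^[[:space:]]*([^#[:space:]].*)?($2)" {} +
}

# make_sample: build a constructed config tree and print its path.
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/ssh/conf dir"
    # One commented-out setting and one active setting.
    printf '%s\n' '# PermitRootLogin yes' 'PermitRootLogin no' \
        > "$d/ssh/sshd.conf"
    # Indented, lower-case directive in a path that contains spaces.
    printf '%s\n' 'Port 22' '   permitrootlogin yes' \
        > "$d/ssh/conf dir/override one.conf"
    # Not a .conf file, so find never passes it to grep.
    printf '%s\n' 'PermitRootLogin yes' > "$d/ssh/notes.txt"
    printf '%s\n' "$d"
}

sample=$(make_sample)
find_directive "$sample" 'PermitRootLogin'
rm -rf "$sample"
```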