# journalctl run remotely, grep run locally
ssh myserver journalctl | grep sshd
# both commands run remotely
ssh myserver "journalctl | grep sshd"

sed

sed (Stream Editor) is a powerful command-line tool in Unix/Linux that is used for parsing and transforming text, typically used for finding, replacing, or deleting content in a file or input stream.

Common sed Commands:

  • Substitution (s):
sed 's/pattern/replacement/' file
  • s: The substitution command.
  • pattern: The string or pattern to search for.
  • replacement: The string to replace the pattern with.

Example:

sed 's/apple/orange/' fruits.txt

This replaces the first occurrence of the word “apple” with “orange” on each line.

  • Delete (d):
sed '/pattern/d' file

Deletes all lines that match a given pattern.

  • Print (p):
sed -n 'p'

Prints lines (used with -n to suppress default behavior).

Example:

# This will print lines 2 and 3
sed -n '2,3p' example.txt

Basic, Common, and Most-Used Regular Expressions (Regex)

Basic Regex Symbols and Their Meaning

Quantifiers specify how many instances of a character, group, or character class must be present in the input for a match.

  1. . (dot): Matches any single character except a newline.

    • Regex: a.b
    • Matches: "a1b", "axb", "a b"
    • Does not match: "ab", "a\nb"

  2. * (asterisk): Matches zero or more occurrences of the preceding character.

    • Regex: ca*t
    • Matches: "ct", "cat", "caat", "caaaaat"

  3. + (plus): Matches one or more occurrences of the preceding character.

    • Regex: ca+t
    • Matches: "cat", "caat"
    • Does not match: "ct"

  4. ? (question mark): Matches zero or one occurrence of the preceding character.

    • Regex: ca?t
    • Matches: "cat", "ct"
    • Does not match: "caat"

  5. {} (braces): Matches a specific number of occurrences.

    • {n}: Exactly n occurrences.
      • Regex: a{3}
      • Matches: "aaa"
    • {n,}: At least n occurrences.
      • Regex: a{2,}
      • Matches: "aa", "aaa", "aaaa"
    • {n,m}: Between n and m occurrences.
      • Regex: a{2,4}
      • Matches: "aa", "aaa", "aaaa"
      • Does not match: "a", "aaaaa"

Anchors (for Position Matching)

Anchors don’t match characters, but rather positions in the string.

  1. ^ (caret): Matches the start of a string.

    • Regex: ^hello
    • Matches: "hello world"
    • Does not match: "world hello"

  2. $ (dollar sign): Matches the end of a string.

    • Regex: world$
    • Matches: "hello world"
    • Does not match: "world hello"

  3. \b (word boundary): Matches the position between a word character (\w) and a non-word character.

    • Regex: \bcat\b
    • Matches: "cat is here", "I have a cat"
    • Does not match: "caterpillar", "catch"

Grouping and Alternation

  1. Parentheses (): Used to group part of the regex for applying quantifiers or capturing matches.

    • Regex: (ab)+
    • Matches: "ab", "abab", "ababab"
    • Does not match: "a", "b", "aab"

  2. Pipe | (Alternation): Acts like a logical OR, matching either of the patterns.

    • Regex: cat|dog
    • It looks for the entire word
    • Matches: "cat" or "dog"

Summary of Most-Used Regex Elements:

Regex SymbolMeaning
.Any single character (except newline)
*Zero or more of the previous element
+One or more of the previous element
?Zero or one of the previous element
{n}Exactly n occurrences
^Start of a string
$End of a string
\[\]Character class (match any character inside)
\dAny digit (0-9)
\wAny word character (alphanumeric + underscore)
\sAny whitespace character
``
()Grouping

Example Use of sed with Regex:

Command:

sed 's/[0-9]/#/g'

Explanation:

  • This will replace all digits (\[0-9\]) in the input with #(\ is the escape character here).
ssh myserver journalctl
 | grep sshd
 | grep "Disconnected from"
 | sed -E 's/.*Disconnected from (invalid |authenticating )?user (.*) [^ ]+ port [0-9]+( \[preauth\])?$/\2/'
 | sort | uniq -c
 | sort -nk1,1 | tail -n10
 | awk '{print $2}' | paste -sd,

sort -k 1,1: The -k option specifies the sort key, which determines which part of the line should be used for sorting.

  • 1,1 means the sort is done based on the first field (column).
  • Fields are separated by whitespace by default.
  • 1,1 restricts the sorting to the first field only, and no other part of the line is used for sorting.

paste -sd: This command can combine lines of input.

  • -s: The -s option tells paste to merge all the input lines into a single line (instead of pasting them side by side).
  • -d,: The -d option specifies the delimiter, which in this case is a comma (,). It tells paste to join the items using a comma.

awk

awk is a powerful command-line tool used for text processing and data extraction in Unix/Linux environments. It operates on files or input streams, typically treating each line as a record, and each part of the line as a field. awk is ideal for extracting specific fields, performing operations on data, and formatting output.

Basic awk Command Format:

awk 'pattern { action }' [file]
  • pattern: The condition or pattern that determines which lines awk will process.
  • action: The operation to perform on the lines that match the pattern.
  • file: The input file (or input from stdin if no file is provided).

Basic Examples:

1. Print Every Line of a File:

awk '{ print $0 }' filename

This command prints every line of the file ($0 refers to the entire line).

2. Print a Specific Field:

awk '{ print $2 }' filename

This prints the second field ($2) of each line in the file.

Example Input (example.txt):

John 25 Manager
Jane 30 Developer
Tom 22 Designer

awk '{ print $1 }' example.txt

Output:

John
Jane
Tom

This prints only the first field (name) from each line.

Common awk Use Cases:

1. Print Specific Fields:

You can specify which fields (columns) to print using $1, $2, etc.

awk '{ print $1, $3 }' example.txt

Output:

John Manager
Jane Developer
Tom Designer

2. Specify a Field Separator:

By default, awk assumes fields are separated by whitespace. You can change the field separator using the -F option.

Example with a CSV file:

John,25,Manager
Jane,30,Developer
Tom,22,Designer

To print the first and third fields of a CSV file:

awk -F',' '{ print $1, $3 }' example.csv

Output:

John Manager
Jane Developer
Tom Designer

Here, -F',' tells awk to use a comma as the field separator.

3. Conditional Processing:

You can apply conditions to control which lines are processed.

Example: Print lines where the second field (age) is greater than 25.

awk '$2 > 25 { print $1, $2 }' example.txt

Output:

Jane 30

This prints only the lines where the second field (age) is greater than 25.

4. Perform Arithmetic Operations:

awk can perform arithmetic on fields.

Example: Add 10 to each person’s age.

awk '{ print $1, $2 + 10 }' example.txt

Output:

John 35
Jane 40
Tom 32

5. Pattern Matching:

You can use regular expressions to match patterns.

Example: Print lines that contain the word “Developer”:

awk '/Developer/ { print $0 }' example.txt

Output:

Jane 30 Developer

You can use awk to process lines that match (or don’t match) specific patterns.

Advanced Features of awk:

1. BEGIN and END Blocks:

awk allows you to define special actions at the start and end of processing.

  • BEGIN: Executes before processing the input.
  • END: Executes after processing all input.

Example: Calculate the sum of ages.

awk 'BEGIN { sum = 0 } { sum += $2 } END { print "Total age:", sum }' example.txt

Output:

Total age: 77

Here:

  • The BEGIN block initializes the sum variable to 0.
  • The main block { sum += $2 } adds the second field (age) to the sum for each line.
  • The END block prints the total after processing all lines.

2. Built-in Variables:

awk has several built-in variables:

  • NR: Current record number (line number).
  • NF: Number of fields in the current record.
  • $0: The entire line.

Example: Print each line with its line number.

awk '{ print NR, $0 }' example.txt

Output:

1 John 25 Manager
2 Jane 30 Developer
3 Tom 22 Designer

3. String Manipulation:

awk provides functions to manipulate strings, like length(), substr(), tolower(), and toupper().

Example: Print the length of the first field.

awk '{ print $1, length($1) }' example.txt

Output:

John 4
Jane 4
Tom 3

Summary of awk Usage:

CommandDescription
awk '{ print $1 }' filePrint the first field (column) of each line.
awk -F',' '{ print $2 }' fileSpecify a field separator (comma in this case).
awk '$2 > 25 { print $1 }' filePrint the first field if the second field is greater than 25.
awk 'BEGIN { action } { action } END { action }' fileUse BEGIN and END blocks for initialization and final actions.
awk '{ print NR, $0 }' filePrint the line number along with the entire line.

awk is a versatile tool for processing and extracting data from text files or input streams. It’s great for manipulating structured data, performing arithmetic, and applying conditions based on patterns.

Exercises

https://regexone.com/lesson/introduction_abcs -> Great tutorial!