The following example matches all lines in the ps -ef output that start with the string ptr:

~]$ ps -ef | grep "^ptr"

Search for a pattern at the beginning of a line

exit-with-session /etc/X11/xinit/Xclients"

The following example matches all lines in the ps -ef output that have sh anywhere in them:

~]$ ps -ef | grep "sh"

The backslash \ is an escape character.
The asterisk * matches zero or more occurrences of the previous character.
The dollar sign $ at the end of a string matches the empty string at the end of a line.
The caret ^ at the start of a string matches the empty string at the beginning of the line.
list of characters enclosed by matches any single character in that list (if first character is the caret ^ then it matches any character not in the list).

Here is a brief description of these special characters

The basic characters supported by grep are:

Grep supports basic regular expression characters and the other two support some of the more advanced regular expression characters.

Linux and UNIX systems offer three variants of the grep command:

The grep command is perfect in these situations and we explore some of its capabilities here.

HTTP Response Status Codes – Mozilla Developer Network
Apache 2.4 Log Files – Apache HTTP Server Project Documentation

Filed Under: Hands On
Published on

There will be many occasions when you are trying to locate a specific set of lines in a file, such as a log file, or perhaps you are trying to filter the results that have come back from a Linux or Unix command to just the ones relevant to your specific needs.

Regular Expressions in Grep (Regex) – Linuxize

For instance, I’ve been messing with the free tier of Grafana Cloud lately, although I’ve only plumbed it to NGINX so far. But what you really want is a log parsing engine that ingests all your log data and summarizes things like interesting HTTP status codes for you.

A Better Way

CLI tools are nice and so on–good for diagnostics and general neckbearding.
Reducing false positives is important so that we can assume the log entries the grep is showing us are interesting or even actionable.

So, we care that there’s a number in that third position, but that’s all the filtering we can do.

Baking all of these assumptions into the regex means that we reduce the chance of the regex matching lines we don’t actually care about.

The last digit of currently defined status codes might contain any number.
So, we can insist on one of those values in the middle position.
The middle digit of currently defined status codes only contains 0, 1, 2, 3, or 5.
By the same logic, we could use if we only wanted to see 400s, or if we wanted to eliminate the 200s and 300s.
If we want to eliminate 200s, we require the first digit to be a 1, 3, 4 or 5.
Status codes are defined by HTTP standards.
These 2 numbers are going to be preceded by a quote and a space and followed by a space and a quote.

Here are some other things we can assume based on what we know about HTTP status codes and the way Apache is formatting our logs.

That helps us be confident that the previous number is the status code we’re concerned with. We don’t care about that number’s value, but we do care that there is a number there. The second number is the size of the object Apache sent back to the client. The field we care about specifically is the one containing the 301–the HTTP status code for this particular response. The bit we care about is the middle of the entry, where it says 301 590.

Your Apache logs might look different–take a look at the LogFormat directives in your /etc/apache2/*.conf files, as you might have to update your regex if your LogFormat definition is substantially different from mine.
To see why this regex will show us lines with non-200 status codes, let’s look at this example Apache log entry.

112.170.115.206 - "GET /feed/ HTTP/1.1" 301 590 "-" "FeedFetcher-Google ( )"

I’m showing you a way that worked for me, knowing that there are possibly more elegant ways if my regex-fu was mightier. Regex is a powerful tool, and there are likely other ways to get the job done.

sudo tail -f /var/log/apache2/access.log | grep -E '\" ] any number from 1 to 8 digits long