Given a log file, I will usually do something like this:
grep 'marker-1234' filter_log
What is the difference in using '' or "" or nothing in the pattern?
The above grep command will yield many thousands of lines; what I desire. Within those lines, There is usually one chunk of data I am after. Sometimes, I use awk to print out the fields I am after. In this case, the log format changes, I can't rely on position exclusively, not to mention, the actual logged data can push position forward.
To make this understandable, lets say the log line contained an IP address, and that was all I was after, so I can later pipe it to sort and unique and get some tally counts.
An example may be:
2010-04-08 some logged data, indetermineate chars - [marker-1234] (123.123.123.123) from: foo@bar.example.com to bar@foo.example.com [stat-xyz9876]
The first grep command will give me many thousands of lines like the above, from there, I want to pipe it to something, probably sed, which can pull out a pattern within, and print only the pattern.
For this example, using an the IP address would suffice. I tried. Is sed not able to understand [0-9]{1,3}. as a pattern? I had to [0-9][0-9][0-9]. which yielded strange results until the entire pattern created.
This is not specific to an IP address, the pattern will change, but I can use that as a learning template.
Thank you all.
Best Answer
I don't know what OS you're on, but on FreeBSD 7.0+ grep has a
-ooption to return only the part that matches the pattern. So you couldgrep "marker-1234" filter_log | grep -oE "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}"Returns a list of just IP addresses from the 'filter_log"...
This works on my system, but again, I don't know what your version of grep supports.