LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-05-2014, 12:12 PM   #1
Gursharan
LQ Newbie
 
Registered: May 2009
Posts: 3

Rep: Reputation: 0
Grep Command


Hello Pros

I kind of new to Linux and i was recently grepping the Cisco firewall logs on CentOS server, I was grepping on the timestamp which gave me undesired results

i was using the following command

grep 17:0 /boot/*

and i was getting the following output. I was looking to for logs starting from 17:00 hrs and not 00:17 0r 01:17

Sep 4 00:17:08 x.x.x.x.x %FWSM-6-302014

Sep 4 00:17:08 x.x.x.x.x %FWSM-6-302013

My question is how can i modify this grep command to get exact results for logs matching 17:00 hrs onwards.

Thanks
 
Old 09-05-2014, 12:26 PM   #2
keefaz
LQ Guru
 
Registered: Mar 2004
Distribution: Slackware
Posts: 6,552

Rep: Reputation: 872Reputation: 872Reputation: 872Reputation: 872Reputation: 872Reputation: 872Reputation: 872
Put a space before 17 ?
grep " 17:0" /boot/*
 
Old 09-05-2014, 12:30 PM   #3
Gursharan
LQ Newbie
 
Registered: May 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Thanks Keefaz

Why do i need to put double quotes around my query. Just trying to learm.
 
Old 09-05-2014, 12:34 PM   #4
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 19,872
Blog Entries: 12

Rep: Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053
Quote:
Originally Posted by Gursharan View Post
Just trying to learn.
so, instead of telling you why, i say:
the answer is already in you.
you tell me why, and then i will tell you if you're wrong or right.
 
Old 09-05-2014, 03:00 PM   #5
Gursharan
LQ Newbie
 
Registered: May 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Thank Ondoho.

Since we have included a space we don't want to search on file named 17:0 and other files (\boot\*) . We want to search the on entire string which is ( 17:0)

I am correct on this
 
Old 09-06-2014, 04:33 PM   #6
selfprogrammed
Member
 
Registered: Jan 2010
Location: Minnesota, USA
Distribution: Slackware 13.37, 14.2, 15.0
Posts: 631

Rep: Reputation: 151Reputation: 151
Grep
Grep allows the unquoted string, but it is limited by what BASH will let pass.
Use quotes when you want to be exact, or anytime you are unsure.
You will still have problems with some characters that are specially interpreted.
Then you will have to backslash characters to get the search you want.

Example:
>> grep " 17:00" *
- without the quotes, the space would not be in the search string. This applies to arbitrary strings.

>> grep "The quick brown fox went up the twisty road" *

Example:
>> grep " fred[" *
- will not work, will get an error message

>> grep " fred\[" *
- backslashed to get the square bracket into the search string as it is.

Advanced:
>> grep " 17:00" * | grep " something else"
- to apply more than one grep test to a line

Try this:
>> grep " 1[789]:00" *
and look into rgrep and egrep.

Last edited by selfprogrammed; 09-06-2014 at 04:42 PM.
 
Old 09-06-2014, 07:00 PM   #7
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 19,872
Blog Entries: 12

Rep: Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053Reputation: 6053
Quote:
Originally Posted by Gursharan View Post
I am correct on this
hallelu - jah!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Need help with the cut command..or should I be using the grep command? ProAm500 Linux - Newbie 15 05-01-2013 04:01 AM
Creating an alias in ksh that uses grep and includes 'grep -v grep' doug248 Linux - Newbie 2 08-05-2012 02:07 PM
[SOLVED] run ps|grep command by script/command line ... ERROR: Unsupported option (BSD syntax) masuch Programming 4 05-23-2012 04:13 AM
How to pass the result of a command to another command (like grep) desb01 Programming 4 06-25-2009 12:09 PM
Help me in Grep Command + cd command in single line JeiPrakash Linux - Newbie 3 05-27-2008 04:16 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:59 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration