linux三剑客grep、sed、awk练习

　　grep：过滤文本

　　sed：修改文本

　　awk：处理文本

1、找出/proc/meminfo文件中以s开头的行，至少用三种方式忽略大小写

[root@localhost ~]# grep -E '^[sS]' /proc/meminfo
[root@localhost ~]# sed -r -n '/^[sS]/p' /proc/meminfo # -n:取消默认输出
[root@localhost ~]# awk '/^[sS]/{print $0}' /proc/meminfo
SwapCached:            0 kB
SwapTotal:             0 kB
SwapFree:              0 kB
Shmem:              7676 kB
Slab:              45744 kB
SReclaimable:      23440 kB
SUnreclaim:        22304 kB

2、显示当前系统上的以root，centos或者user开头的信息

[root@localhost ~]# grep -rE '^(root|centos|user)' /etc/
/etc/pki/ca-trust/extracted/README:root CA certificates.
/etc/pki/ca-trust/extracted/java/README:root CA certificates.
/etc/pki/ca-trust/extracted/openssl/README:root CA certificates.
/etc/pki/ca-trust/extracted/pem/README:root CA certificates.
/etc/yum/vars/contentdir:centos

3、找出/etc/init.d/functions文件下包含小括号的行

[root@localhost ~]# grep -E '\(|\)' /etc/init.d/functions
    /etc/init.d/*|/etc/rc.d/init.d/*)
systemctl_redirect () {
    start)
        s=$"Starting $prog (via systemctl): "
    stop)
        s=$"Stopping $prog (via systemctl): "
    reload|try-reload)

4、输出指定目录的基名

[root@localhost sysconfig]# pwd | awk -F/ '{print $NF}'
sysconfig

5、找出网卡信息中包含的数字

[root@localhost ~]# grep -oE '[0-9]+' /etc/sysconfig/network-scripts/ifcfg-eth[01]
/etc/sysconfig/network-scripts/ifcfg-eth0:4
/etc/sysconfig/network-scripts/ifcfg-eth0:6
/etc/sysconfig/network-scripts/ifcfg-eth0:6
/etc/sysconfig/network-scripts/ifcfg-eth0:6
/etc/sysconfig/network-scripts/ifcfg-eth0:6
/etc/sysconfig/network-scripts/ifcfg-eth0:6
/etc/sysconfig/network-scripts/ifcfg-eth0:0
/etc/sysconfig/network-scripts/ifcfg-eth0:3
/etc/sysconfig/network-scripts/ifcfg-eth0:7
/etc/sysconfig/network-scripts/ifcfg-eth0:60
/etc/sysconfig/network-scripts/ifcfg-eth0:479

6、找出/etc/passwd下每种解析器的用户个数

# 数组：{"bash":10,"sh":9,"zsh":1}
[root@localhost ~]# awk -F: '{arr[$NF]++}END{for(i in arr){print i,arr[i]}}' /etc/passwd
/bin/sync 1
/bin/bash 7
/sbin/nologin 22
/sbin/halt 1
/sbin/shutdown 1

7、获取网卡中的ip，用三种方式实现

[root@localhost ~]# ip a | grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'
[root@localhost ~]# ip a | sed -r -n '/([0-9]{1,3}\.){3}[0-9]{1,3}/p'
[root@localhost ~]# ip a | awk '/([0-9]{1,3}\.){3}[0-9]{1,3}/{if(NR==3){print $2}else{print $2,$4}}'
127.0.0.1/8
192.168.15.102/24 192.168.15.255
172.16.1.102/20 172.16.15.255

8、搜索/etc目录下，所有的.html或.php文件中main函数出现的次数

# 反引号（``）将里面的结果作为操作对象；xargs：将内容打印成行
[root@localhost ~]# grep -rE 'main' `find /etc/ -name "*.html" -o -name "*.php" | xargs` |wc -l
1134

9、过滤掉php.ini中注释的行和空行

# ^$：空行
[root@localhost ~]# grep -vE '^\ *;|^$' /etc/php.ini
[PHP]
engine = On
short_open_tag = Off
asp_tags = Off
precision = 14
output_buffering = 4096
zlib.output_compression = Off

10、找出文件中至少有一个空格的行

　　[root@localhost ~]# grep -E '\ +' /etc/php.ini

11、过滤文件中以#开头的行，后面至少有一个空格

[root@localhost ~]# grep -E '^#\ +' /etc/fstab
# /etc/fstab
# Created by anaconda on Wed Dec  8 16:57:29 2021
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info

12、查询出/etc目录中包含多少个root

[root@localhost ~]# grep -roE 'root' /etc/ | wc -l
600

13、查询出所有的qq邮箱

　　[root@localhost ~]# grep -E '[0-9A-Za-z-_]+@qq\.com'

14、查询系统日志中所有的error

　　[root@localhost ~]# grep -E 'error' /var/log/messages

15、删除某文件中以s开头的行的最后一个词

[root@localhost ~]# grep -Ei '^s' 3.txt | grep -oE '[0-9A-Za-z]+' | xargs | awk '{for(i=0;i<(NF-1);i++){print $i}}'
sdfdf jkjdf sdf
sdfdf

　　正确答案

[root@localhost ~]# grep -Ei '^s' 3.txt | sed -r 's/[0-9a-zA-Z]+$//g'
sdfdf jkjdf 

16、删除一个文件中的所有数字

　　[root@localhost ~]# sed -r 's/[0-9]//g' 3.txt

17、显示奇数行

[root@localhost ~]# awk -F: 'NR%2==1{print $0}' /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown

18、删除passwd文件中以bin开头的行到nobody开头的行

[root@localhost ~]# sed -r '/^bin/,/^nobody/d' /etc/passwd
root:x:0:0:root:/root:/bin/bash
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin

19、从指定行开始，每隔两行显示一次空行

[root@localhost ~]# awk -F: '{n=5;if(NR<=n){print $0}else{if((NR-5)%2==0){print " "}print $0}}' /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
 
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
 
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin

20、每隔5行打印一个空行

[root@localhost ~]# awk -F: '{if(NR%5==0){print " "}print $0}' /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
 
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin

21、不显示指定字符的行

[root@localhost ~]# grep -Ev 'l' 3.txt
jsdfds fersdf jere
sdfdf jkjdf sdf

22、将文件中1到5行中aaa替换成AAA

[root@localhost ~]# sed -r '1,5s/aaa/AAA/g' 3.txt
jakdfj djsfj jklll
feefAAAlljj jjll
fjklkjl
AAAfds fersdf jere
sdfdf jkjdf sdf
aaadfdf

23、显示用户id为奇数的行

[root@localhost ~]# awk -F: '$3%2==1{print $0}' /etc/passwd
bin:x:1:1:bin:/bin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
halt:x:7:0:halt:/sbin:/sbin/halt
operator:x:11:0:operator:/root:/sbin/nologin

24、显示系统普通用户，并打印系统用户名和id

# id=0：超级用户；0=1000：普通用户
[root@localhost ~]# awk -F: '$3>=1000{print $1,$3}' /etc/passwd
test 1000
test03 1001
tuser1 1002
tuser2 1003
tuser3 1004

25、统计nginx日志中独立用户数（ip维度计算）

[root@localhost ~]# awk '/([0-9]{1,3}\.){3}[0-9]{1,3}/{arr[$1]++}END{for(i in arr){print i}}' access.log
49.232.15.254
107.189.12.88
167.248.133.41
90.113.136.249
159.89.26.34
4.71.37.46
168.228.151.191
2.56.59.221
3.25.221.59
45.137.23.232

26、统计php.ini中每个词的个数

[root@localhost ~]# grep -oE '[0-9A-Za-z]+' 3.txt | awk '{arr[$1]++}END{for(i in arr){printf "%-15s | %-5d\n",i,arr[i]}}'
aaadfdf         | 1    
sdfdf           | 1    
feefaaalljj     | 1    
jklll           | 1    
jakdfj          | 1    
jkjdf           | 1    
aaafds          | 1    
fjklkjl         | 1    
fersdf          | 1    
jere            | 1    
jjll            | 1    
sdf             | 1    
djsfj           | 1    
jkll            | 3