From owner-freebsd-questions@FreeBSD.ORG Mon May 17 08:36:40 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8F17416A4CE for ; Mon, 17 May 2004 08:36:40 -0700 (PDT) Received: from av15-2-sn4.m-sp.skanova.net (av15-2-sn4.m-sp.skanova.net [81.228.10.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id E528E43D5A for ; Mon, 17 May 2004 08:36:38 -0700 (PDT) (envelope-from ertr1013@student.uu.se) Received: by av15-2-sn4.m-sp.skanova.net (Postfix, from userid 502) id C850F37E50; Mon, 17 May 2004 17:36:37 +0200 (CEST) Received: from smtp4-2-sn4.m-sp.skanova.net (smtp4-2-sn4.m-sp.skanova.net [81.228.10.180]) by av15-2-sn4.m-sp.skanova.net (Postfix) with ESMTP id B512737E43 for ; Mon, 17 May 2004 17:36:37 +0200 (CEST) Received: from falcon.midgard.homeip.net (h201n1fls24o1048.bredband.comhem.se [212.181.162.201]) by smtp4-2-sn4.m-sp.skanova.net (Postfix) with SMTP id 4C74837E4A for ; Mon, 17 May 2004 17:36:37 +0200 (CEST) Received: (qmail 24031 invoked by uid 1001); 17 May 2004 15:36:36 -0000 Date: Mon, 17 May 2004 17:36:36 +0200 From: Erik Trulsson To: Drew Tomlinson Message-ID: <20040517153636.GA23982@falcon.midgard.homeip.net> Mail-Followup-To: Drew Tomlinson , FreeBSD Questions References: <40A8D6A5.5090705@mykitchentable.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <40A8D6A5.5090705@mykitchentable.net> User-Agent: Mutt/1.5.6i cc: FreeBSD Questions Subject: Re: grep & RegEx Syntax- How to Match? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 May 2004 15:36:40 -0000 On Mon, May 17, 2004 at 08:13:41AM -0700, Drew Tomlinson wrote: > I've learned a little about regular expressions and am trying to use > them with grep. I want to parse my httpd log to return entries that > contain a particular IP address and file ending in .htm or .html. I > want to match lines like this one: > > 123.456.789.123 - - [17/May/2004:06:54:53 -0700] "GET > /public/murphys/produced/tricks.html HTTP/1.0" 200 5446 "-" > "Mozilla/4.77 [en] (X11; U; Linux 2.2.19 i686)" Is that supposed to be a single line, or is it actually three lines in the log. That matters because grep works on lines. I will assume that it is only line in the log. > > I'm using the this command: > > egrep -e ^123\.456\.789\.123.*htm.* /path/to/file Try quoting the argument given to egrep, otherwise your shell might try to expand '*' as a wildcard. I.e. try egrep -e '^123\.456\.789\.123.*htm.*' /path/to/file > > However this does not match anything. If I shorten the regex to > ^123\.456\.789\.123, I match all entries with that IP address. And if I > use 'htm' as the regex, I get match all lines with html files. But I > can't find the right syntax to match on both conditions. You could try piping the output from the first grep into a second grep. For example: grep '^123\.456\.789\.123' /path/to/file | grep 'htm' -- Erik Trulsson ertr1013@student.uu.se