# 第一种方式 [root@localhost ~]# grep -Ei '^s' /proc/meminfo SwapCached: 0 kB SwapTotal: 0 kB SwapFree: 0 kB Shmem: 5552 kB Slab: 33204 kB SReclaimable: 13648 kB SUnreclaim: 19556 kB # 第二种方式 [root@localhost ~]# awk '/^(s|S)/{print $0}' /proc/meminfo [root@localhost ~]# awk '/^s|^S/{print $0}' /proc/meminfo [root@localhost ~]# awk '/^[sS]/{print $0}' /proc/meminfo SwapCached: 0 kB SwapTotal: 0 kB SwapFree: 0 kB Shmem: 5584 kB Slab: 33536 kB SReclaimable: 13736 kB SUnreclaim: 19800 kB # 第三种方式 [root@localhost ~]# sed -nr '/^(s|^S)/p' /proc/meminfo SwapCached: 0 kB SwapTotal: 0 kB SwapFree: 0 kB Shmem: 5584 kB Slab: 33536 kB SReclaimable: 13736 kB SUnreclaim: 19800 kB
[root@localhost ~]# grep -Er '^(centos|root|user)' /
[root@localhost etc]# grep -oE '\(|\)' /etc/init.d/functions
[root@localhost etc]# pwd | awk -F '/' '{print $NF}'
[root@localhost etc]# ip a | grep -oE '[0-9]+'
[root@localhost ~]# awk -F':' '{print $NF}' /etc/passwd | sort | uniq -c |column -t 2 /bin/bash 1 /bin/sync 1 /sbin/halt 18 /sbin/nologin 1 /sbin/shutdown
# 第一种 [root@localhost ~]# ip a | grep -oE '([0-9]{1,3}\.+){3}[0-9]{1,3}' 127.0.0.1 192.168.15.100 192.168.15.255 172.16.1.100 172.16.15.255 # 第二种 # 第三种
# /etc目录下没有以.html或以.php结尾的文件 # 我从根查的 [root@localhost ~]# grep -Eo 'main' `find / -type f -regex ".*\.\(html\|php\)"` | wc -l [root@localhost ~]# grep -oE 'main' `find / -name '*.html' -o -name '*.php'` | wc -l
[root@localhost etc]# grep -vE '^\ *;|^$' /etc/php.ini
[root@localhost ~]# grep -E '\ +' a.sh
[root@localhost ~]# grep -E '^#\ +' a.sh
[root@localhost ~]# grep -Eor 'root' /etc/ | wc -l
[root@localhost ~]# grep -Er "[0-9a-zA-Z-_\.]+@qq\.com" a.sh
[root@localhost /]# grep -orE 'error' /var/log/messages
[root@localhost /]# grep -E '^s' /etc/passwd|sed -r 's/[0-9a-zA-Z]+$//g' [file]
[root@localhost /]# sed -r 's/[0-9]+//g' /root/a.sh
[root@localhost /]# awk '{if(NR%2==1)print NR,$0}' /root/a.sh [root@localhost /]# awk 'NR%2==1{print NR,$0}' /root/a.sh 1 asdfgdghgf aadadadad 3 asd adas sdasdas asdasdahgf 5 baaaaaaaaaaaaaaaaaaaabbbbbbbb 7 ppppp 9 das1231423434gfdgfgfdgdf 11 s1111ssss asdsgfh 13 sagdfg3356fff
[root@web02 ~]# sed -r '/^bin/,/^nobody/d' /etc/passwd
awk -F: '{if(NR>3){num=(NR-3)%2; if(num){print $0}}}' /etc/passwd # 没写
[root@localhost /]# awk -F: '{if(NR%5==0){print " "}print $0}' /root/a.sh
[root@localhost /]# grep -Ev 'g' a.sh
[root@localhost /]# sed -r '1,5 s/a/A/g' /root/a.sh | head -n5 Asdfgdghgf AAdAdAdAd sdAsdAsdA hjhjjg Asd AdAs sdAsdAs AsdAsdAhgf AsdAs AsdAsdAd AdAsdAsd bAAAAAAAAAAAAAAAAAAAAbbbbbbbb
[root@localhost /]# awk -F: '{if ($3%2==1) print NR,$0}' /etc/passwd 2 bin:x:1:1:bin:/bin:/sbin/nologin 4 adm:x:3:4:adm:/var/adm:/sbin/nologin 6 sync:x:5:0:sync:/sbin:/bin/sync 8 halt:x:7:0:halt:/sbin:/sbin/halt 10 operator:x:11:0:operator:/root:/sbin/nologin 13 nobody:x:99:99:Nobody:/:/sbin/nologin 15 dbus:x:81:81:System message bus:/:/sbin/nologin 16 polkitd:x:999:998:User for polkitd:/:/sbin/nologin 17 tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin 18 abrt:x:173:173::/etc/abrt:/sbin/nologin 20 postfix:x:89:89::/var/spool/postfix:/sbin/nologin 21 mysql:x:27:27:MariaDB Server:/var/lib/mysql:/sbin/nologin
[root@localhost /]# awk -F: '{if($3>=1000){print "用户名:" $1"用户id:"$3}}' /etc/passwd 用户名:hammer用户id:1000
[root@localhost ~]# awk '/([0-9]{1,3}\.){3}[0-9]{1,3}/{arr[$1]++}END{for(i in arr){print i}}' access.log
[root@localhost ~]# grep -oE '[0-9a-zA-Z]+' /etc/php.ini | awk '{arr[$1]++}END{for(i in arr){printf "%-15s | %-5d\n", i, arr[i]}}'
[root@localhost ~]# egrep -o "[a-Z]+" php.ini | wc -l
#!/bin/bash NGINX_LOG=/var/log/nginx/access.log TIME=`date +%s` DATE=`echo $TIME - 3600 | bc` declare -A IP while read line do timestamp=`echo $line | grep -oE '[0-9]{4}.*T[0-9]{2}:[0-9]{2}:[0-9]{2}'` timestamp=`date -d "$timestamp" +%s` if (( $TIME >= $timestamp && $DATE <= $timestamp ));then ip=`echo $line| grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'` number=`echo ${IP["$ip"]} | wc -L` [ $number -eq 0 ] && IP["$ip"]=0 num=${IP["$ip"]} IP["$ip"]=`echo "$num + 1" | bc` fi done < $NGINX_LOG for i in ${!IP[*]} do if (( ${IP[$i]} >= 10 ));then echo $i fi done
#!/bin/bash NGINX_LOG=/var/log/nginx/access.log declare -A IP while read line do timestamp=`echo $line | grep -oE '[0-9]{4}.*T[0-9]{2}:[0-9]{2}:[0-9]{2}'` timestamp=`date -d "$timestamp" +%Y%m%d%H` number=`echo ${IP["$timestamp"]} | wc -L` [ $number -eq 0 ] && IP["$timestamp"]=0 num=${IP["$timestamp"]} IP["$timestamp"]=`echo "$num + 1" | bc` done < $NGINX_LOG for i in ${!IP[*]} do if (( ${IP[$i]} >= 10 ));then echo "$i ${IP[$i]}" fi done
grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}' /var/log/nginx/access.log | sort | uniq -c | sort -r | head
【如写错,请指正】