View files without lines with certain string

command-line less
5,906

Solution 1

The pattern match inversion option -v for grep is really helpful for this:

grep -v 'UFW BLOCK' /var/log/syslog

This will show you all lines not containing UFW BLOCK. As grep uses basic regular expressions by default, the inclusion of the brackets will make it search for any of the individual characters of 'UFW BLOCK' including the space. You'll probably end up with no output. If you need to ensure that there are brackets around the string, either escape them \[UFW BLOCK\], or use the -F option of grep to only include fixed strings (Thanks to Zanna and Steeldriver for the advice on this):

grep -Fv '[UFW BLOCK]' /var/log/syslog

You can make it easier to view by piping the output to a pager like less:

grep -v 'UFW BLOCK' /var/log/syslog | less

Or redirect the output to a file in your home directory for later viewing:

grep -v 'UFW BLOCK' /var/log/syslog > ~/filtered_syslog

Solution 2

You can use any tool with editing capabilities. You've already been given solutions using grep and sed, here are a few other choices. All of these can easily be piped to less or more or anything else.

  1. Perl

    perl -ne 'print unless /\[UFW BLOCK\]/' /var/log/syslog

    Since this is Perl, TIMTOWDI!.

    perl -pe '$_="" if /\[UFW BLOCK\]/' /var/log/syslog
perl -ne '/\[UFW BLOCK\]/ || print' /var/log/syslog
perl -ne 'print if !/\[UFW BLOCK\]/' /var/log/syslog
perl -ne '!/\[UFW BLOCK\]/ && print' /var/log/syslog
perl -ne '/\[UFW BLOCK\]/ ? "" : print' /var/log/syslog

  2. awk

    awk '!/\[UFW BLOCK\]/' file

Solution 3

You can also use sed's d command to delete the lines with the pattern from the stream:

sed '/\[UFW BLOCK\]/d' /var/log/syslog

We escape [] as normally they denote a character class, meaning "match anything inside here"

Solution 4

With less command's & option it's possible to filter out to display only desired matched pattern as below, 

& /PATTERN/

in your case if you want filter lines with UFW BLOCK to don't display in output, you could simply use &! as below:

&! /UFW BLOCK/

Solution 5

You can use awk too:

awk '!/PATTERN/' log

I use it when I've got more than of one "pattern" and I don't want to use two grep like:

... | grep -v foo | grep -v bar

which the syntax is:

awk '!/PATTERN/ && !/PATTERN2/' log
Share:
5,906

Related videos on Youtube

John Gr.
Author by

John Gr.

Updated on September 18, 2022

Comments

  • John Gr.
    John Gr. almost 2 years

    Searching for a program like tail or less which let me view my logs without lines that contain a certain string. For example view my syslog without UFW ([UFW BLOCK]) entry lines.

    • Aaron
      Aaron almost 7 years
      While it's not easy to provide a solution to your exact problem description with this feature, you might be interested to know that less offers the possibility to filter the displayed lines after a regex pattern. You can use this feature by typing & followed by the pattern, and you can revert it by typing & alone.
  • αғsнιη
    αғsнιη almost 7 years
    "I use it when I've got more than of one "pattern" and I don't want to use two grep like"------ grep -Ev "foo|bar"?
  • Arronical
    Arronical almost 7 years
    You can also use -e to define multiple patterns. grep -v -e 'foo' -e 'bar'
  • Ravexina
    Ravexina almost 7 years
    @AFSHIN (Don't know how my comment get removed), I meant for a logical and not or ;)
  • Tulains Córdova
    Tulains Córdova almost 7 years
    You can also use the fgrep command which is equivalent to grep -F .
  • Aaron
    Aaron almost 7 years
    @TulainsCórdova grep's man says that "Direct invocation as either egrep or fgrep is deprecated, but is provided to allow historical applications that rely on them to run unmodified". I don't know if they will ever act on this deprecation, but I guess using these commands isn't best practice

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How do i install less css compiler?
After viewing logs with journalctl, how do I exit the screen that says "lines 1-2/2 (END)"?
Why do vim and less have such similar keybindings?
How can I stop following output in less, without affecting the command generating the output?
What is the difference between "more" and "less" commands?
How do I make `less` output colors?
Mercurial. Colour output piped to less
Less or More in Windows?
How to turn off word-wrap in less
Open a .raw file as text in less