Searching for a program like tail or less which let me view my logs without lines that contain a certain string. For example view my syslog without UFW ([UFW BLOCK]) entry lines.
Asked
Active
Viewed 1.2k times
15
5 Answers
14
With less command's & option it's possible to filter out to display only desired matched pattern as below,
& /PATTERN/
in your case if you want filter lines with UFW BLOCK to don't display in output, you could simply use &! as below:
&! /UFW BLOCK/
αғsнιη
- 36,350
13
The pattern match inversion option -v for grep is really helpful for this:
grep -v 'UFW BLOCK' /var/log/syslog
This will show you all lines not containing UFW BLOCK. As grep uses basic regular expressions by default, the inclusion of the brackets will make it search for any of the individual characters of 'UFW BLOCK' including the space. You'll probably end up with no output. If you need to ensure that there are brackets around the string, either escape them \[UFW BLOCK\], or use the -F option of grep to only include fixed strings (Thanks to Zanna and Steeldriver for the advice on this):
grep -Fv '[UFW BLOCK]' /var/log/syslog
You can make it easier to view by piping the output to a pager like less:
grep -v 'UFW BLOCK' /var/log/syslog | less
Or redirect the output to a file in your home directory for later viewing:
grep -v 'UFW BLOCK' /var/log/syslog > ~/filtered_syslog
Arronical
- 20,241
5
You can also use sed's d command to delete the lines with the pattern from the stream:
sed '/\[UFW BLOCK\]/d' /var/log/syslog
We escape [] as normally they denote a character class, meaning "match anything inside here"
Zanna
- 72,312
5
You can use any tool with editing capabilities. You've already been given solutions using grep and sed, here are a few other choices. All of these can easily be piped to less or more or anything else.
Perl
perl -ne 'print unless /\[UFW BLOCK\]/' /var/log/syslogSince this is Perl, TIMTOWDI!.
perl -pe '$_="" if /\[UFW BLOCK\]/' /var/log/syslog perl -ne '/\[UFW BLOCK\]/ || print' /var/log/syslog perl -ne 'print if !/\[UFW BLOCK\]/' /var/log/syslog perl -ne '!/\[UFW BLOCK\]/ && print' /var/log/syslog perl -ne '/\[UFW BLOCK\]/ ? "" : print' /var/log/syslogawk
awk '!/\[UFW BLOCK\]/' file
terdon
- 104,119
2
You can use awk too:
awk '!/PATTERN/' log
I use it when I've got more than of one "pattern" and I don't want to use two grep like:
... | grep -v foo | grep -v bar
which the syntax is:
awk '!/PATTERN/ && !/PATTERN2/' log
Ravexina
- 57,256