grep

• CLI utility for searching text data sets for matching expressions.
• You can use \| to separate "OR" strings
  • For example, grep '445\|CLOSED\|ESTABLISHED' firewalloutput.txt
• Important options
  • -i or --ignore-case
    • Search for string, regardless of case
    • Useful when adversaries use alternating caps to prevent search matches
  • -v or --invert-match
    • Searches for any results that do NOT include the search term
  • -n or --line-number
    • Get the line number with the output
  • -l or --files-with-matches
    • Just lists file names with matching content
• Windows alternatives
  • In PowerShell: Select-String
  • In Windows command line (cmd.exe), findstr

Simple file copy script using for

for file in $(grep -l "search_string" /files/to/sea.rch); do
  cp "$file" /path/to/destination/
done

Metadata

Sources

grep - Wikipedia