Simple command line grep usage to understand complex regular expressions

I was looking for a simple method to understand regular expressions. In this particular case it was to analyze an ignore rule used by logcheck log monitoring tool. I knew that the Linux environment offered some powerful tools to use regular expressions, but I was looking for a simple pass in this string and show me what matches via my regular expression.

After quite a bit of time looking at man pages for grep, I initially didn't find the simple solution that I was hoping to...

AMD-ubuntu /USR/SBIN/CRON[9999]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)

And it was ignored by the entry in /etc/logcheck/ignore.d.paranoid/cron

^\w{3} [ :0-9]{11} [._[:alnum:]-]+ /USR/CRON\[[0-9]+\]: \([_[:alnum:]-]+\) CMD \(.*\)$

The log entry I wanted to ignore was:

Nov 2 19:17:01 AMD-ubuntu CRON[6877]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)

The regular expression that I ended up using to ignore my routine CRON job log entries was:

^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: \([_[:alnum:]-]+\) CMD \(.*\)$

I wanted a way to determine what part of the regular expression was matching what, in an interactive way. I ultimately ended up playing with the egrep version of the grep command. The basic syntax was:

echo 'string' | egrep --color 'regular expression'

I struggled figuring out that I needed to use the echo command to pipe the string into the egrep command. The --color output control was helpful in coloring the part of the string that matched the regular expression. This was important to me, because I wanted to understand what type of log entries would be ignored this regular expression.

If the output matched the regular expression the string was output to the screen with whatever matched being colored. This allowed me to play with the regular expression to understand the matching characteristics of the expression.

echo 'Nov 2 19:17:01 AMD-ubuntu CRON[6877]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)' | egrep --color '^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: \([_[:alnum:]-]+\) CMD \(.*\)$'

Output:
Nov 2 19:17:01 AMD-ubuntu CRON[6877]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)

Quickly adjusting parts of the regular expression an observing the color changes in the output allowed me to understand every aspect of a fairly complex regular expression.

My bug to the Ubuntu team got posted here:
Launchpad logcheck 9.10 CRON reporting bug

Comments

Post a Comment

Popular posts from this blog

Moen 1225 Kitchen Faucet Cartridge Repair or Replacement

Image
Is your your Moen single handle kitchen faucet hard to use or leaking around the handle? If it is you can easily lubricate or replace the 1225 cartridge in the faucet. If you're the original owner owner of the faucet Moen warrants them to be leak-free for lifetime. I called the 800 number at 1-800-289-6636 and requested a replacement cartridge kit for the faucet (think ours is model 7730). They sent it out no charge in about 10 days. If your in a hurry you can also buy it from Amazon ( Moen 1225 One-Handle Replacement Cartridge ). Our Moen 7730 Single Handle Kitchen Faucet I shot a video of the dis-assembly and re-assembly of the kitchen faucet: The kit contained everything you need to replace the cartridge and get the faucet working like new again 1225 Cartridge Repair Kit 1225 Cartridge Kit Contents Here is a link to a pdf with the Moen 1225 cartridge installation instructions that came in the kit: Here are the components in the kit: Moen 122
Read more

Outdoor Temperature - Waiting for Update Honeywell WiFI Thermostat (RTH9580WF)

Image
Just bought my wife a new thermostat for our house. We missed the HAI home automation thermostats in our previous house and their ability to display outdoor temperature. The NEST removed too much of our ability to control our thermostat and didn't show outdoor weather conditions. We choose the Honeywell RTH9580WF  (from Amazon) for a few reasons: RTH9580WF Outdoor Temperature - shows waiting for update Pros: Ability to control from a remotely Easy WiFi connectivity Reliable thermostat company Good 4 star plus reviews from Amazon Ability to show outdoor temperature and humidity Easy to use touchscreen and nice design Cons: C wire required No external temperature sensor Replacing  our existing heat pump thermostat was uneventful. I just carefully followed the instructions from Honeywell on how to install it. Our system was new enough to have a C-wire run but not connected to the existing thermostat. Honeywell's online tools and video helped me through this q
Read more

Comcast Xfinity HD uDTA Pace DC60Xu Unboxing and Setup Instructions

Image
Today I picked up two Comcast Xfinity uDTA (HD Digital Transport Adapters). These are the latest DTA's from Comcast that allow you to view HDTV using a tiny cable box as opposed to the huge boxes. They also have the advantage of being much less expensive to rent than the settop boxes. In my area they are easily exchanged for the for the original Thompson DTA's ( http://blog.trebacz.com/2010/03/comcast-dta-digital-transport-adapter.html ) from a couple years ago. Advantages of Comcast Xfinity HD DTA: Small compact size HDMI output or standard cable TV RF remote option (no line of site needed) Same monthly rental as standard definition DTA's Disadvantages of Xfinity HD uDTA: No menu system (or extremely limited) No on-demand programming No channel favorites Below is the unboxing process and what it took to hook it all up. If you'd rather see a video of the process, I did that also. You can see the video on my YouTube channel at: http://www.yo
Read more