L in u X ba sics for h acke rs g e t t I n g s t a r t e d w I t h
Download 7.3 Mb. Pdf ko'rish
|
linuxbasicsforhackers
- Bu sahifa navigatsiya:
- Filtering Text with grep
|
22
Chapter 2 Numbering the Lines Sometimes—especially with very long files—we may want the file to display line numbers. Since snort.conf has more than 600 lines, line numbers would be useful here. This makes it easier to reference changes and come back to the same place within the file. To display a file with line numbers, we use the nl (number lines) com- mand. Simply enter the command shown in Listing 2-4. kali >nl /etc/snort/snort.conf 612 ################################################################# 613 #dynamic library rules 614 #include $SO_RULE_PATH/bad-traffic.rules 615 #include $SO_RULE_PATH/chat.rules --snip-- 630 #include $SO_RULE_PATH/web-iis.rules 631 #include $SO_RULE_PATH/web-misc.rules 632 #Event thresholding or suppression commands. See threshold.conf 633 include threshold.conf Listing 2-4: Displaying line numbers in terminal output Each line now has a number, making referencing much easier. Note that this command skips the numbering for the blank lines. Filtering Text with grep The command grep is probably the most widely used text manipulation com- mand. It lets you filter the content of a file for display. If, for instance, you want to see all lines that include the word output in your snort.conf file, you could use cat and ask it to display only those lines (see Listing 2-5). kali >cat /etc/snort/snort.conf | grep output # 6) Configure output plugins # Step #6: Configure output plugins # output unified2: filename merged.log, limit 128, nostamp, mpls_event_types, vlan_event_types output unified2: filename merged.log, limit 128, nostamp, mpls_event_types, vlan_event_types # output alert_unified2: filename merged.log, limit 128, nostamp # output log_unified2: filename merged.log, limit 128, nostamp # output alert_syslog: LOG_AUTH LOG_ALERT # output log_tcpdump: tcpdump.log Listing 2-5: Displaying lines with instances of the keyword or phrase specified by grep This command will first view snort.conf and then use a pipe ( | ) to send it to grep , which will take the file as input, look for lines with occurrences of the word output, and display only those lines. The grep command is a very powerful and essential command for working in Linux, because it can save you hours of searching for every occurrence of a word or command in a file. |
