The Awk_1 of Linux commands

Introduction

Awk is a powerful text analysis tool, with the search for grep and the editing of SED, which is especially powerful when it comes to analyzing data and generating reports. To put it simply, awk reads the file line-by-row, using spaces as the default delimiter to slice each row, and then perform various analytical processing of the cut.

AWK has 3 different versions: AWK, Nawk, and gawk, which are not specifically described, generally referred to as the GNU version of awk, Gawk,gawk.

Awk has its name from the first letter of its founder Alfred Aho, Peter Weinberger and Brian Kernighan's surname. In fact, Awk does have its own language: The awk programming language, a three-bit creator has formally defined it as "style scanning and processing language." It allows you to create short programs that read input files, sort data, manipulate data, perform calculations on input, and generate reports, as well as countless other features.

How to use

awk ' {pattern + action} ' {Filenames}

Although the operation can be complex, the syntax is always the same, where pattern represents what AWK looks for in the data, and the action is a series of commands that are executed when a match is found. Curly braces ({}) do not need to always appear in the program, but they are used to group a series of instructions according to a particular pattern. pattern is the regular expression to be represented, surrounded by slashes.

The most basic function of the awk language is to browse and extract information in a file or string based on the specified rules, before awk extracts the information for additional text operations. A complete awk script is typically used to format the information in a text file.

Typically, awk is treated as a unit of a file's behavior. awk processes the text by executing the corresponding command for each line that receives the file.

Call awk

There are three ways of calling Awk

1. Command-line modeawk[-F Field-separator]'commands'input-file(s) wherein, commands is the real awk command, [-f Domain delimiter] is optional. input-file(s) is the file to be processed. In awk, each line in a file, separated by a domain delimiter, is called a domain. In general, without naming-In case of the F field delimiter, the default Domain delimiter is a space. 2The . Shell script inserts all the awk commands into a file and makes the awk program executable, and then the awk command interpreter is invoked as the first line of the script, again by typing the script name. Equivalent to the first line of the shell script: #!/bin/SHcan be replaced by: #!/bin/awk3Insert all awk commands into a separate file, and then call:awk-Fawk-script-fileinput-file(s) among them,The-f option loads the awk script in Awk-script-file, input-file(s) is the same as above.

This chapter focuses on the command-line approach.

Getting Started instance

Suppose the output of Last-n 5 is as follows

[Email protected] ~]# Last-N5Root pts/1        192.168.1.115Sun Jan +  -: +Still loggedinchRoot pts/0        192.168.1.115Sun Jan +  -: +Still loggedinchReboot system Boot2.6. +-504. el6.x Sun Jan +  -: the- the: to( on: -) root pts/2        192.168.1.115Sat Jan -  -: --Down (Geneva: -) root pts/1        192.168.1.115Sat Jan -  ,: --Down ( -: -)    

If you only show the 5 most recently logged-in accounts

 Last 5 | awk ' {print $} ' Rootrootrebootrootroot

The awk workflow is this: reads a record with a ' \ n ' line break, then divides the record by the specified domain delimiter, fills the field, and $ $ represents all fields, representing the first field, $n representing the nth field. The default Domain delimiter is the "blank key" or "[tab] key", so the login user, $ $ means the login user IP, and so on.

If you just show/etc/passwd's account

cat /etc/passwd | awk  ' : '  ' {print $} '   rootbindaemonadmLPsync

This is an example of awk+action, where each line executes action{print $.

-f Specifies the domain delimiter as ': '.

If you only display the/ETC/PASSWD account and the shell of the account, and the account and the shell are split by tab

 [[email protected] ~]# cat /etc/passwd  | awk -F  " :   " "  { print "\ T" $7}   " root /bin/bashbin  /sbin/nologindaemon  /sbin/nologinadm /sbin/nologin  LP /sbin/nologin  sync /bin/sync   

If the/ETC/PASSWD account and the account's shell are displayed only, and the account is separated by a comma from the shell, and the column name Name,shell is added to all rows, add "Blue,/bin/nosh" to the last line.

 [[email protected] ~]# cat /etc/passwd  | awk -F  " :   " "  { print "\ T" $7}   " root /bin/bashbin /sbin/nologindaemon /sbin/nologinadm /sbin/nologin   LP /sbin/nologin  sync /bin/sync  blue, /bin/nosh  

The awk workflow is done by first executing the beging, then reading the file, reading a record with the/n line break, and then dividing the record by the specified field delimiter, populating the field, and $ $ representing all fields, representing the first field, $n representing the nth field, The action action corresponding to the execution pattern is then started. Then start reading the second record ... Until all the records have been read, the end operation is performed.

Search all rows with the root keyword/etc/passwd

awk ' /root/ ' /etc/passwdroot:x:0:0: root:/root:/bin/bashoperator:x: One:0: Operator:/root:/sbin/nologin

This is an example of the use of pattern, which matches the line of pattern (this is root) to execute the action (without specifying an action, the default output of the contents of each row).

Search support for the regular, for example, root start: awk-f: '/^root/'/etc/passwd

Search all lines that have the root keyword/etc/passwd and display the corresponding shell

awk ' /root/{print $7} ' /etc/passwd /bin/bash/sbin/nologin

Action{print $7} is specified here.

awk built-in variables

Awk has many built-in variables for setting up environment information, which can be changed, and some of the most commonly used variables are given below.

ARGC               command-line arguments argv               command-line parameter arrangement environ            support the use of system environment variables in queues filename           awk browses the file name Fnr the                number of records to browse files FS                 Set input field delimiter, equivalent to command line-F option NF                 Browse record number of fields nr                 Read records ofs                output field delimiter ors                Output record delimiter Rs                 control record delimiter

In addition, the $ variable refers to the entire record. $ $ represents the first field of the current row, which is the second field of the current row,...... And so on

　　

The Awk_1 of Linux commands