Sometimes you may need to find a file that contains a certain string or find a line in a file that contains a specific word. This may be needed to Search for logs, search for configuration files if you do not know where they are, or to search for files with program code.
Previously, only the grep utility was used for this purpose, but now there are a huge number of other programs that can do this faster and provide a more convenient interface. In this article we will look at the most interesting of them and several examples of how to use them.
Search files by content in Linux
All utilities in this article work only in the terminal. Most of the commands described below have approximately the same syntax:
$ command options pattern /path/to/folder
The search pattern can be a regular word, but most commands expect it to be a regular expression, so if your query has a special one. symbols, the result may not be what you expect. As a rule, it is not necessary to specify the path to the folder; then the commands use the current folder for searching. Now let’s look at each command in more detail.
Grep Linux command
Before moving on to modern utilities, let’s take a look at the grep command. It is part of the GNU suite of programs and has been used to search for strings in files and files by their contents for a very long time.
By default, grep filters one file or standard input. To search multiple files in a folder, you need to enable recursive search using the -r option . For example, let’s find all the files in the /etc/ folder that contain the line root :
sudo grep -r "root" /etc/
The grep command does not highlight the occurrences of characters that you searched for in color; for this, you can use the –color=always option . But in most distributions this option is already specified in the alias for this command, so the output will look like this:
sudo grep --color=always -r "root" /etc/
Using the -C or –context option , you can enable display of not only the current line in which the occurrence was found, but also several lines before and after it. In this parameter you need to specify the number of lines to display:
sudo grep -r -С2 "root" /etc/
By default, grep expects the search query to be a regular expression, but only the basic syntax is supported. To enable extended syntax, you must use the -E option . For example, to find all files containing variables starting with the letter A in the /etc/ folder , run:
sudo grep -r -E "^A[A-Z_]+\=" /etc/
And in order to search for a fixed string rather than a regular expression, use the -F option or the fgrep command . For example, this is how you can find all files containing the [Install] section in the /usr/ folder :
sudo grep -r -F "[Install]" /usr/
Ripgrep Linux command
This is a popular alternative to grep written in Rust. It can do everything that grep does, but it’s faster, and it’s also much more convenient to use. Recursive search is enabled by default, and highlighting occurrences and filenames in different colors also works without additional options, and it also skips hidden files, binaries, and files listed in .gitignore . To install ripgrep on Ubuntu use this command:
sudo apt install ripgrep
If you run the command with a file path, it will find and display all occurrences of the search word in that file. For example:
sudo rg root /etc/passwd
If you pass a folder, the command will search in all the files that are in this folder. The default is the current folder. For example, to find all files containing the word “root” in the /etc/ directory , use the following command:
sudo rg root /etc/
Just like when using grep, you can display not only the line with the occurrence, but also several lines before and after. For example, two each:
sudo rg -C2 root /etc/
But the full regular expression syntax works here by default. For example:
sudo rg "^A[A-Z_]+=" /etc/
If you want to specify that you want to search for a string rather than a regular expression, use the -F option :
sudo rg -F "[Install]" /usr/
Ack Linux command
If you need to find a file with source code knowing the line that is in it, then there are more suitable utilities for this than grep. For example, ack. It appeared quite a long time ago and is designed specifically for working with source code. In addition to all the features of grep, it allows you to skip backup files, internal .git and .svn repository files , and memory dumps. In addition, you can select the file types to be searched and even specify a specific part of the file. To install the program on Ubuntu, use the following command:
sudo apt install ack
The simplest example is to search for all files containing the word root in the /etc/ folder :
sudo ack "root" /etc/
Or a regular expression, as in the previous section, to search for files with variables starting with the letter A:
sudo ack "^A[A-Z_]+=" /etc/
To print not only the line with the occurrence, but also the lines before and after it, use the -C option. By default, two lines are displayed:
sudo ack -C "root" /etc/
The ack command allows you to specify the type of files to search. This is very convenient for searching by source. You can only select C, JavaScript or PHP source files and so on. All available file types can be viewed using the command:
ack --help-types
For example, to search only XML files, use the –type option with the value xml :
sudo ack --type=xml "root" /etc/
Another interesting feature of the ack utility is setting up parts of the file that will be searched using a regular expression. The –range-start and –range-end options are intended for this , and it will work both within one line and within the entire file. For example, to search only the comments of XML files, you can use the following command:
sudo ack --type=xml --range-start="\" "root" /etc/
Silver Searcher
This is currently one of the most popular programs for searching text from files in Linux. It was designed as an alternative to ack, as a code search tool. In addition to the core features of ack, it is significantly faster and takes into account exclusion settings from .gitignore and .hgignore files. To install the program on Ubuntu, use the following command:
sudo apt install silversearcher-ag
Let’s look at the same example as in the previous sections. To find all files containing the word root in the /etc/ folder , run:
sudo ag "root" /etc/
Similar to grep and ripgrep , ag expects a regular expression as a search pattern, so you can use it without any additional options. For example:
sudo ag "^A[A-Z_]+=" /etc/
But if you want the search query to be treated as a string, use the -Q option . For example, to search for all files containing the [Install] section in the /usr/ folder , run:
sudo ag -Q "[Install]" /usr/
Here, too, you can display several lines before and after the line with the occurrence using the -C option .
Unlike grep and ripgrep , the ag command allows you to specify the type of files you want to search. You can view all available file types using the following command:
ag --list-file-types
For example, to search only by ini files, use the following command:
sudo ag --ini "root" /etc/
The utility also allows you to use a regular expression to filter files by name before searching by content. To do this you need to use the -G option . For example, to search only for files whose name ends with conf, run:
sudo ag -G .*\.conf$ root /etc/
Skim fuzzy search utility
This is another interesting real-time fuzzy search utility written in Rust. By default, it searches for files by name, but it can be used in conjunction with one of the utilities listed above to search for files by content in real time. The package with the program is not yet in the official repositories, but you can install it using cargo:
cargo install skim
The command searches only in the current folder and you cannot specify another folder, so you must first go to the desired folder using the cd command . For example:
cd /etc/
Then use this command to combine sk with Silver Searcher to filter files by content:
sk --ansi -i -c 'ag --color "{}"'
Here the –ansi option turns on displaying colors, -i turns on interactive mode, and the -c option specifies a command that will be executed when you enter any query, the string {} will be replaced with whatever you enter when searching. Just run the command and start typing the word you want to search for:
Then you can use all the fuzzy search filtering functions to process the results.
Performance of grep, rg, ack and ag
Before finishing the article, I want to give a small performance test of the above listed utilities for searching text in files in Linux. I downloaded and extracted the Linux kernel 6.2.10 source and then used each of the utilities to find all files that contained the word ext4 and btrfs. Between different utilities, the system was rebooted in order to eliminate the influence of the cache. Here are the results:
| Team | Time, s | Team | Time , s |
|---|---|---|---|
| grep -r ext4 ./ | 23.167 | grep -r btrfs ./ | 3.860 |
| rg ext4 ./ | 27.164 | rg btrfs ./ | 1.387 |
| ack ext4 ./ | 36.141 | ack btrfs ./ | 7.206 |
| ag ext4 ./ | 24.594 | ag btrfs ./ | 3.158 |
As you can see, immediately after the system starts, all commands work approximately the same. However, after that, utilities written in Rust use the cache more efficiently, because when launched repeatedly for the same set of files, they work faster than their C counterparts.
conclusions
This article covered the most commonly used utilities for searching files by content and searching for text in files in Linux. As you can see, there are enough tools to choose from. All teams are quite similar, but each of them has its own characteristics. What do you use? Write in the comments!
The post Search files by content in Linux appeared first on KaliTut.
