c88f039c-6c09-42fa-884f-2f8697073c90_200x200

Text Manipulation in Linux

Linux Administrator
Linux Administrator
All around security geek, editor-in-chief and janitor.

Share This Post:

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
love-linux

In Linux, nearly every object (usually a text) is a file, and for instance, all configuration files in Linux are text files. So to reconfigure an application, you simply open the configuration file, change the text, save the file, and then restart the application—your reconfiguration is complete.  For illustrative purposes, we will use files from various programs within Linux.

Viewing Files

cat: Concatenating Files

The most basic text display command is “cat”, which is a short form of concatenate.  We can use it to show the configuration file for FUSE, the Filesystem in Userspace (FUSE) application.

Using cat to view a file in linux
Using the cat function in linux to view a file.
If you are following along on your own terminal, your screen now displays the contents of the entire configuration file, which streams until it comes to the end of the file. From a practical point of view, this isn’t the most convenient way to work with file of more than a few lines in length.

head: View the Beginning of a File

In order to view the beginning of a file, you can use the head command.  The “head” command displays the first 10 lines of a file. In this next example, we use the “head” command on the oinkmaster.conf file, a script that will help you update and manage Snort rules. 

Using the head function to view a file in Linux
If you want to see more than 10 lines, enter the number of lines that you want with the dash (-) switch after the call to head and before the filename. If you want to see the first 15 lines, you should enter the command found in the image below.
Using the head command in Linux to view 15 lines.
Using the head command in Linux to view more than 10 lines.

tail: View the end of a file

Similar to the head command, the tail command is used to view the last lines of a file.  Additionally, the default for tail is to show 10 lines. As with the head command, you can tell tail how many lines to display by entering a dash (-) and then the number of lines between the command and the filename.
Showing the use of the tail function in Linux
Viewing the last lines of a file with Linux's tail function.

nl: Inserting Line Numbers

If you want the file to display line numbers on a file, use the nl (number lines) command.

grep: Filtering Text

Using the grep command to find specific words and terms.
The “grep” command grep lets you filter the content of a file for display. If you want to see all lines that include the word “URL” in your oinkmaster.conf file, use cat and ask it to display only those lines. Grep’ing a file requires that you view it first and then use a pipe (|) to send it to the grep command, which takes the file as input and look for lines with occurrences of the specified word, in this case, URL and displays those lines with the target word; grep can save you hours of searching for every occurrence of a word or command in a file.

sed:Find and Replace

The sed command lets you search for occurrences of a word or a text pat- tern and then perform some action on it. The name of the command is a contraction of stream editor, because it follows the same concept as a stream editor. In its most basic form, sed operates like the Find and Replace function in Windows.   Let’s use it to search for the term “multiple” in the oinkmaster.conf file, replace it with the word “MULTIPLE” and save it as a new file.

As you can see, after running the sed command:


“sed s/multiple/MULTIPLE/g oinkmaster.conf >oinkmaster.conf.COPY”

The grep command does not find any instances of multiple in the oinkmaster.conf.COPY file, but it found multiple instances of “MULTIPLE” in the file.

Breaking Down the sed Command

The “s” command performs the search: you give the search term “multiple” and  the term you want to replace it with “MULTIPLE”, separated by a slash (/). The “g” command tells Linux that you want the replacement performed globally. Then the result is then output to a new file, oinkmaster.conf.COPY
Now, when you use grep with oinkmaster.conf.COPY to search for “multiple”, you’ll see that no instances were found, but when you search for “MULTIPLE”, you find a number of occurrences.  

 

Getting Super Specific with sed

If you wanted to replace only the first occurrence of a term, leave out the trailing g command. You can also use the “sed” command to find/replace any specific occurrence of a word by modifying the character after the “/” that follows the replacement term.  If you want to replace only the second occurrence of the word, simply place the number of the occurrence (in this case, 2) at the end of the command.

Viewing Files with more and less

While “cat”  is a good utility for small files, it is not practical for working with large files. When you use “cat”, the file scrolls through every page until it comes to the end, which isn’t practical if you want to glean any information from it, instead you should use: more and less.

Controlling the Display with more

The “more” command displays a page of a file at a time and lets you page down through it using the enter key.  “more” displays the first page, stops, and then states in the lower-left corner how much of the file is shown to see additional lines or pages, press enter. To exit more, enter q (for quit).

Displaying and Filtering with less

The “less” command is a more comprehensive command than “more” With less, you can:

  • Scroll through a file; and
  • Filter it for terms.
Using the "less" command in Linux
Notice in the bottom left of the screen that less has highlighted the path to the file. If you press the forward slash (/) key, less will let you search for terms in the file, in this case the term “URL”
Using the "less" command in Linux - searching for a specific term.
And now you can see the indicated term is highlighted.

If you are looking for more advanced text analysis and manipulation techniques, check out Secur’s article on “How to Search and Analyze Text in Linux“. 

Share This Post:

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked *

Table of Contents

You May Like

Related Posts

Your Linux and Security Source

All Rights Reserved © 2020