Use Top command which repeats 5 times, pipe the results to Grep and Cut command to print the PID for init process on your screen.
Hi all, I have my line of code:
top -n 5 | grep "init" | cut -d" " -f3 > topdata
But I cannot see any output to verify that it's working.
Also, the next script asks me to use a one line command which shows the total memory used in megabytes. I'm supposed to pipe results from Free to Grep to select or filter the lines with the pattern "Total:" then pipe that result to Cut and display the number representing total memory used. So far:
free -m -t | grep "total:" | cut -c25-30
Also not getting any print return on that one. Any help appreciated.
expanding on my comments:
grep is case sensitive. free says "Total", you grep "total". So no match! Either grep for "Total" or use grep -i.
Instead of cut, I prefer awk when I need to get a number out of a line. You do not know what length the number will be, but you know it will be the first number after Total:. So:
free -m -t | grep "Total:" | awk '{print $2}'
For your top command, if you have no init process (which you should, but it would probably not show in top), just grep for something else to see if your code works. I used cinnamon (running Mint). The top command is:
top -n 5 | grep "cinnamon" | awk '{print $1}'
Replace "cinnamon" by "init" for your requirement. Why $1 in the awk? My top puts the PID in the first column. Adjust accordingly.
Overall, using cut is good when you have a string that is delimited by some character. Ex. aaa;bbb;ccc, you would cut on -d';'. But here the numbers might have different lengths so using cut is not (IMHO) the best solution.
The init process has PID 1, to there's no reason to do like this.
To find the PID of a process in general, I'd recommend:
pidof <name>
I want to grep exact string by pattern in variable
ip="192.168.100.1"
arp -a | grep "$ip"
This outputs something like this:
# arp -a | grep "$ip"
? (192.168.10.1) at 66:ca:6d:88:57:cd [ether] on br0
? (192.168.10.15) at 3c:15:a0:05:b5:94 [ether] on br0
but I want exactly IP no IP of other PCs
Also I have only embedded grep (minimalistic) also I have awk,sed.
Im trying this but without success:
arp -a | grep "\b$ip\b"
Word boundaries like \b aren't available with standard grep. From the output snippet you posted it looks like this will work for you:
$ ip="192.168.10.1"
$ grep -F "($ip)" file
? (192.168.10.1) at 66:ca:6d:88:57:cd [ether] on br0
i.e. just use -F for a string instead of regexp comparison and explicitly include the delimiters that appear around the IP address in the input.
FWIW in awk it'd be:
$ awk -v ip="($ip)" 'index($0,ip)' file
? (192.168.10.1) at 66:ca:6d:88:57:cd [ether] on br0
and you can't do it in a reasonable way in sed since sed ONLY supports regexp comparisons, not strings (see Is it possible to escape regex metacharacters reliably with sed).
If I understand correctly what you are saying you just want to add a -o option to your command, the -o option print only the matched (non-empty) parts of a matching line,with each such part on a separate output line.
arp -a | grep -o "$ip"
Protagonists
The Admin
Pipes
The Cron Daemon
A bunch of text processing utilities
netstat
>> the Scribe
Setting
The Cron Daemon is repeatedly performing the same job where he forces an innocent netstat to show the network status (netstat -n). Pipes then have to pick up the information and deliver it to bystanding text processing utilities (| grep tcp | awk '{ print $5 }' | cut -d "." -f-4). >> has to scribe the important results to a file. As his highness, The Admin, is a lazy and easily annoyed ruler, >> only wants to scribe new information to the file.
*/1 * * * * netstat -n | grep tcp | awk '{ print $5 }' | cut -d "." -f-4 >> /tmp/file
Soliloquy by >>
To append, or not append, that is the question:
Whether 'tis new information to bother The Admin with
and earn an outrageous Fortune,
Or to take Arms against `netstat` and the others,
And by opposing, ignore them? To die: to sleep;
note by the publisher: For all those that had problems understanding Hamlet, like I did, the question is, how do I check if the string is already included in the file and if not, append it to the file?
Unless you are dealing with a very big file, you can use the uniq command to remove the duplicate lines from the file. This means you will also have the file sorted, I don't know if this is an advantage or disadvantage for you:
netstat -n | grep tcp | awk '{ print $5 }' | cut -d "." -f-4 >> /tmp/file && sort /tmp/file | uniq > /tmp/file.uniq
This will give you the sorted results without duplicates in /tmp/file.uniq
What a piece of work is piping, how easy to reason about,
how infinite in use cases, in bash and script,
how elegant and admirable in action,
how like a vim in flexibility,
how like a gnu!
Here is a slightly different take:
netstat -n | awk -F"[\t .]+" '/tcp/ {print $9"."$10"."$11"."$12}' | sort -nu | while read ip; do if ! grep -q $ip /tmp/file; then echo $ip >> /tmp/file; fi; done;
Explanation:
awk -F"[\t .]+" '/tcp/ {print $9"."$10"."$11"."$12}'
Awk splits the input string by tabs and ".". The input string is filtered (instead of using a separate grep invocation) by lines containing "tcp". Finally the resulting output fields are concatenated with dots and printed out.
sort -nu
Sorts the IPs numerically and creates a set of unique entries. This eliminates the need for the separate uniq command.
if ! grep -q $ip /tmp/file; then echo $ip >> /tmp/file; fi;
Greps for the ip in the file, if it doesn't find it, the ip gets appended.
Note: This solution does not remove old entries and clean up the file after each run - it merely appends - as your question implied.
I'm writing a BASH script that outputs iptables -L -n and searches for the existence of an IP address. I'm stuck with how to use this with egrep. Roughly:
CHECK=$(iptables -L -n | egrep $the_string)
which "looks" like it would work, but it doesn't have an end delimiter $ so it would match:
25.24.244
and
25.24.24
When I really just need to match for 25.24.24 only.
I tried escaping this but the $ creates issues with the regular expression.
At least this is the only means I've found to search for the IP in the iptables system. It doesn't appear to have any query mechanism itself (puzzling).
I am probably missing something very simple here, and just need a pointer or two :-)
Thanks.
You should backslash the . : this means any character in regex...
iptables -L -n | grep "25\.24\.24$"
(no need egrep there)
The $ at the end of the regular expression works as expected:
the_ip=25.24.24
the_string=$(echo $the_ip | sed 's/\./\\\./g')
iptables -L -n | egrep "$the_string$"
I'm trying to find a short and robust way to put my IP address into a bash variable and was curious if there was an easier way to do this. This is how I am currently doing it:
ip=`ifconfig|xargs|awk '{print $7}'|sed -e 's/[a-z]*:/''/'`
I've been struggling with this too until I've found there's a simple command for that purpose
hostname -i
Is that simple!
man hostname recommends using the --all-ip-addresses flag (shorthand -I ), instead of -i, because -i works only if the host name can be resolved. So here it is:
hostname -I
And if you are interested only in the primary one, cut it:
hostname -I | cut -f1 -d' '
ip is the right tool to use as ifconfig has been deprecated for some time now. Here's an awk/sed/grep-free command that's significantly faster than any of the others posted here!:
ip=$(ip -f inet -o addr show eth0|cut -d\ -f 7 | cut -d/ -f 1)
(yes that is an escaped space after the first -d)
You can take a look at this site for alternatives.
One way would be:
ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'
A bit smaller one, although it is not at all robust, and can return the wrong value depending on your system:
$ /sbin/ifconfig | sed -n '2 p' | awk '{print $3}'
(from http://www.htmlstaff.org/ver.php?id=22346)
The ifdata command (found in the moreutils package) provides an interface to easily retrieve ifconfig data without needing to parse the output from ifconfig manually. It's achieved with a single command:
ifdata -pa eth1
Where eth1 is the name of your network interface.
I don't know how this package behaves when ifconfig is not installed. As Syncrho stated in his answer, ifconfig has been deprecated for sometime, and is no longer found on a lot of modern distributions.
Here is the best way to get IP address of an device into an variable:
ip=$(ip route get 8.8.8.8 | awk 'NR==1 {print $NF}')
NB Update to support new Linux version. (works also with older)
ip=$(ip route get 8.8.8.8 | awk -F"src " 'NR==1{split($2,a," ");print a[1]}')
Why is it the best?
Hostname -I some times get only the IP or as on my VPS it gets 127.0.0.2 143.127.52.130 2a00:dee0:ed3:83:245:70:fc12:d196
Hostnmae -I does not work on all system.
Using ifconfig may not always give the IP you like.
a. It will fail you have multiple interface (wifi/etcernet) etc.
b. Main IP may not be on the first found interface
Searching of eth0 may fail if interface have other name as in VPS server or wifi
ip route get 8.8.8.8
Tries to get route and interface to Googles DNS server (does not open any session)
Then its easy to get the ip or interface name if you like.
This can also be used to get a ip address of an interface to a host on a multiruted net
my short version. Useful when you have multiple interface and just want the main ip.
host `hostname` | awk '{print $4}'
You can get just awk to do all the parsing of ifconfig:
ip=$(ifconfig | gawk '
/^[a-z]/ {interface = $1}
interface == "eth0" && match($0, /^.*inet addr:([.0-9]+)/, a) {
print a[1]
exit
}
')
Not really shorter or simpler, but it works for me:
ip=$(ip addr show eth0 | grep -o 'inet [0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+' | grep -o [0-9].*)
The following works on Mac OS (where there is no ip commnand or hostname options):
#!/bin/bash
#get interface used for defalt route (usually en0)
IF=$(route get default |grep 'interface' |awk -F: '{print $2}');
#get the IP address for inteface IF
#does ifconfig, greps for interface plus 5 lines, greps for line with 'inet '
IP=$(ifconfig |grep -A5 $IF | grep 'inet ' | cut -d: -f2 |awk '{print $2}');
#get the gateway for the default route
GW=$(route get default | awk '/gateway:/ {print $2}');
ifconfig | grep -oP "(?<=inet addr:).*?(?= Bcast)"
When using grep to extract a portion of a line (as some other answers do), perl look-ahead and look-behind assertions are your friends.
The quick explanation is that the first (?<=inet addr:) and last (?= Bcast) parenthesis contain patterns that must be matched, but the characters that match those patters won't be returned by grep, only the characters that are between the two patterns and match the pattern .*? that is found between the sets of parenthesis, are returned.
Sample ifconfig output:
eth0 Link encap:Ethernet HWaddr d0:67:e5:3f:b7:d3
inet addr:10.0.0.114 Bcast:10.0.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1392392 errors:0 dropped:0 overruns:0 frame:0
TX packets:1197193 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1294730881 (1.2 GB) TX bytes:167208753 (167.2 MB)
Interrupt:18
This will extract your IP address from the ifconfig output:
ifconfig | grep -oP "(?<=inet addr:).*?(?=Bcast)"
To assign that to a variable, use this:
ip=$(ifconfig | grep -oP "(?<=inet addr:).*?(?=Bcast)")
A slightly more in depth explanation:
From man grep:
-o Print only the matched (non-empty) parts of matching lines, with each such part on a separate output line.
-P Interpret the pattern as a Perl regular expression. This is highly experimental and ‘grep -P’ may warn of unimplemented features.
From permonks.org:
(?<=pattern) is a positive look-behind assertion
(?=pattern) is a positive look-ahead assertion
-o Tells grep to only return the portion of the line that matches the pattern. The look-behinds/aheads are not considered by grep to be part of the pattern that is returned. The ? after .* is important since we want it to look for the very next look-ahead after the .* pattern is matched, and not look for the last look-ahead match. (This is not needed if we added a regex for the IP address instead of .*, but, readability).
I am using
IFACE='eth0'
IP=$(ip -4 address show $IFACE | grep 'inet' | sed 's/.*inet \([0-9\.]\+\).*/\1/')
The advantage of this way is to specify the interface (variable IFACE in the example) in case you are using several interfaces on your host.
Moreover, you could modify ip command in order to adapt this snippet at your convenience (IPv6 address, etc).
I think the most reliable answer is :
ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | awk -F: '{print $2}' | awk '{print $1}' | head -1
AND
hostname -I | awk -F" " '{print $1}'
because when you don't use head -1 it shows all ips....
In my script i did need only the network part of the IP, so I did it like that
local=$(hostname -I | awk '{print $2}' | cut -f1,2,3 -d".")
Where the cut -f1,2,3 -d"." can be read as "get first 3 parts separated by commas"
To change interfaces just change $2 to your interface number, to get whole IP remove cut.
In trying to avoid too many pipes, work on various linuxes, set an exit code, and avoiding ifconfig or other packages, I tried the whole thing in awk:
ip addr show | awk '
BEGIN {FS="/"}
/^[0-9]+: eth[0-9]+.*UP*/ {ss=1}
ss==1 && /^ +inet / {print substr($1,10); exit 0}
END {exit 1}'
and note that a particular interface can be specified after "ip addr show" if you don't want just the first eth interface. And adapting to ipv6 is a matter of looking for "inet6" instead of "inet"...
On mac osx, you can use ipconfig getifaddr [interface] to get the local ip:
$ ipconfig getifaddr en0
192.168.1.30
$ man ipconfig
DESCRIPTION
ipconfig is a utility that communicates with the IPConfiguration agent to
retrieve and set IP configuration parameters. It should only be used in
a test and debug context. Using it for any other purpose is strongly
discouraged. Public API's in the SystemConfiguration framework are cur-
rently the only supported way to access and control the state of IPCon-
figuration.
...
getifaddr interface-name
Prints to standard output the IP address for the first net-
work service associated with the given interface. The output
will be empty if no service is currently configured or active
on the interface.
In my case I had some more interfaces in list before eth0. By this command you can get ip4 address for any interface. For that you need to change eth0 to interface that you need.
/sbin/ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{print $1}'
The "eth3" is optional (useful for multiple NIC's)
ipaddress=`ip addr show eth3 | grep 'inet ' | awk '{ print $2}' | cut -d'/' -f1`
If by "my ip address" you mean "the IP address my machine will use to get to the public Internet to which I am connected", then this very tidy JSON answer may work for you, depending on what O/S your machine runs:
ip=$( ip -j route get 8.8.8.8 | jq -r '.[].prefsrc' )
It does require an ip command that produces JSON output (some say the BusyBox ip command cannot do this), the CLI jq parser that can extract fields from JSON input, and your machine has to know how to get to the public IP at 8.8.8.8.
If you want the IP address your machine would use to get to some other place, such as a local network, put that other IP in place of the public IP 8.8.8.8, e.g.
ip=$( ip -j route get 192.168.1.1 | jq -r '.[].prefsrc' )
ip=$( ip -j route get 10.1.2.3 | jq -r '.[].prefsrc' )
If you only have one interface, then most any non-localhost IP address should work to get your IP address.
Parsing the JSON output with jq is so much simpler than all those complex examples with sed, awk, and grep, but the more complex examples do use tools that are present by default on almost all Unix/Linux/BSD systems.
assuming you have something like curl or wget, then one easy way to get external IP addresses with no downstream parsing necessary would be :
— (wildcard syntax for wget might differ)
curl -w '\n\n%{url_effective}\n\n' -s 'http://api{,6}.ipify.org'
98.xxx.132.255
http://api.ipify.org/
2603:7000:xxxx:xxxx:xxxx:c80f:1351:390d
http://api6.ipify.org/
Yielding both IPv4 and IPv6 addresses in one shot