How to Use PowerShell’s Grep (Select

choubertsprojects

VPN offers!

1. NordVPN

2. Surfshark

3. ExpressVPN

Grep is a powerful tool to find and select lines of text from files. It can also be used for finding patterns within your data. In this tutorial, we explore how to use grep in PowerShell with examples that show how you might interact with the results.

The “select-string” is a command-line tool that allows users to search text files. It can be used with the grep command, which is found in the PowerShell environment.

How to Use PowerShell's Grep (Select

The grep command is one of the first Linux commands that many system administrators learn. This time-honored tool has been around for decades and is an essential addition to any administrator’s toolkit. Grep’s primary feature is the ability to look for a RegEx pattern in plain text. Grep may look for matches in a specified directory or in streaming data. Did you know that PowerShell contains a grep command? Well..almost.

PowerShell is more than simply a single-purpose binary since it is a language. So, similar to grep, what built-in features exist to search for plain text using RegEx patterns? In this post, we’ll look at how to use PowerShell to search for text in files.

The Select-String Cmdlet in Action

Select-String (our PowerShell grep) searches for the first match in each line by default, and then shows the file name, line number, and text inside the matched line. Select-String may also operate with multiple file encodings, such as Unicode text, by determining the encoding format using the byte-order-mark (BOM). Select-String will presume it’s a UTF8 file if the BOM is absent.

Select-String parameters

  • Select-String will normally just look for the first match in each line, but with this option, the cmdlet will seek for many matches. For each line, a single MatchInfo object will be produced, but it will include all of the matches discovered.
  • CaseSensitive – By default, matches are not case-sensitive; this compels the cmdlet to seek for matches that match the input pattern precisely.
  • Context – This is a very handy feature that allows you to choose the amount of lines that will be shown before and after the match. The generated MatchInfo object is modified by this argument to add a new Context property that includes the lines given.

Keep in mind that if you pipe the Select-String output to another Select-String operation, the context will be lost since you’ll only be searching on the one MatchInfo line property that results.

  • Culture – This defines a culture to be matched with the supplied pattern when used with the SimpleMatch option. This offers alternatives like en-US, es, and fr-FR, to name a few. The Ordinal and Invariant choices are two more helpful possibilities. Ordinal is used for non-linguistic binary comparisons, whereas Invariant is used for comparisons that are not based on culture.

This parameter debuted in PowerShell 7 and isn’t accessible in previous versions. Keep in mind that by default, this will utilize the system’s current culture, which can be discovered with Get-Culture.

  • Specify the encoding of the target file to search for, which is set to utf8NoBOM by default.
    • ascii: Uses the ASCII (7-bit) character set’s encoding.
    • bigendianunicode: Uses the big-endian byte order to encode in UTF-16 format.
    • oem: For MS-DOS and console applications, this is the default encoding.
    • unicode: Uses the little-endian byte order to encode in UTF-16 encoding.
    • utf7: Uses the UTF-7 encoding format.
    • utf8: Uses the UTF-8 encoding format.
    • utf8BOM: Uses the Byte Order Mark to encode in UTF-8 format (BOM)
    • utf8NoBOM: Uses UTF-8 without the Byte Order Mark (BOM)
    • utf32: Uses the UTF-32 encoding format.

    The Encoding option now takes numeric IDs of registered code pages, such as 1251, or string names, such as windows-1251, starting with PowerShell Core 6.2.

The Encoding option now takes numeric IDs of registered code pages, such as 1251, or string names, such as windows-1251, starting with PowerShell Core 6.2.

  • Exclude — Using the Path argument, use a pattern to exclude specified things, such as *.txt.
  • Include — Similar to the Exclude argument, Include will only include objects that match a pattern, such as *.log.
  • List — From each input file, only return the first occurrence of matched text. This is meant to be a quick and effective approach to get a list of files with matching contents.
  • Select-String will utilize the values as input instead of interpreting values like * as a wildcard if you use LiteralPath. If the route contains escape characters, encapsulate them in single quote marks to prevent them from being interpreted.
  • NoEmphasis – Disable the highlighting of matches instead of highlighting the string on which the pattern is matched. By default, emphasis employs negative colors that are dependent on the colors of the backdrop text.
  • Look for text that does not match the supplied pattern using NotMatch.
  • Path – Enter the path to the files you want to search for. You can use wildcards, but you can’t just specify a directory. The local directory is the default.
  • Pattern – The RegEx pattern to look for in the input material or files.
  • SimpleMatch — Instead of regular expressions, use a simple match. Because no RegEx is used, the Matches field of the returned MatchInfo object is empty.
  • Raw – Without a MatchInfo object, output the matched strings. This is the behavior that is most akin to grep, rather than PowerShell’s more object-oriented nature.
  • Quiet — If the pattern is detected, only return a $true or $false.

Grep err… using PowerShell Select-String

Knowing how a cmdlet’s parameters and options operate isn’t the same as actually utilizing it in a production setting. Let’s look at some examples to see how we can use Select-String to make it simpler to locate text matches.

Select-String may be used to locate matches in three different ways.

  • To use the Select-String cmdlet, pipe in quoted text, i.e. stream in the text.
  • Pass the variable to the InputObject parameter with text saved in it.
  • You may use the Path argument to select which files to look for text in.

The files we’re using to test this are produced at random, but they’re of the sort that’s often encountered in production systems.

Matching Files in a Simple Way

Let’s start with a very basic example: let’s search for Joe in a few CSV files.

-Path “Users*.csv” -Pattern “Joe” Select-String -Path “Users*.csv” -Pattern “Joe”

A basic Select-String pattern match is shown.A basic Select-String pattern match is shown.

As you can see, this is rather straightforward; we can see how Joe is highlighted on the line with the rest of the data. But what information is really returned in this case? Let’s take a look at every property of a returned match.

-Path “Users*.csv” -Pattern “Joe” | Select-Object * -First 1 -Path “Users*.csv” -Pattern “Joe” | Select-String -Path “Users*.csv” -Pattern “Joe”

A Select-String match's returned attributes are shown.A Select-String match’s returned attributes are shown.

There are a few attributes that are relevant here. The line, route, pattern, and matches, in particular. The matches property contains the majority of the information we want.

-Path “Users*.csv” -Pattern “Joe” Select-String -Path “Users*.csv” -Pattern “Joe” | Select-String -Path “Users*.csv” -Pattern “Joe” Select-Object -First 1 -ExpandProperty Matches

Enumerating the available data and the Matches property.Enumerating the available data and the Matches property.

Even though we used a basic phrase, you can see that this is still a RegEx expression with all of the associated information.

What if we used comma separated patterns to seek for numerous distinct values? This is beneficial since it creates three distinct patterns rather than a single complicated RegEx value.

-Path “Users*.csv” -Pattern “Joe” Select-String -Path “Users*.csv” Select-String -Path “Users*.csv” “Joe”,”Marti”,”Jerry” -Pattern

Multiple results are returned from a Select-String search.Multiple results are returned from a Select-String search.

If we simply choose the filename, pattern, and line from our search, we can see how this is the case.

-Path “Users*.csv” -Pattern “Joe” Select-String -Path “Users*.csv” Select-String -Path “Users*.csv” “Joe”,”Marti”,”Jerry” -Pattern | Select-Object FileName, Pattern, Line

Using a multiple Select-String match to filter the results.Using a multiple Select-String match to filter the results.

RegEx Matching with a Higher Level of Complexity

Now that we’ve gone over some of the more basic pattern matching techniques, how about putting RegEx to work to find more useful patterns? These three instances are asking for Email Addresses, IP Addresses, and Social Security Numbers, respectively (SSNs). There are probably simpler methods to design a RegEx search than the patterns used here. Grep (Select-String) in PowerShell is a somewhat complex cmdlet.

Let’s examine if there are any emails in our files. Finding such matches will be shown using a relatively sophisticated RegEx match, as seen below.

Select-String -Path “Users*.csv” -Pattern “b” Select-String -Path “Users*.csv” -Pattern “b” [A-Za-z0-9._ % -] [email protected] [A-Za-z0-9.-] +. [A-Za-z] ‘2,4b’ | ‘2,4b’ | ‘2,4b’ | ‘ Select-Object -First 10 is a command that selects the first 10 objects in a

Demonstrating how to match data with RegEx.Demonstrating how to match data with RegEx.

Of course, if a file included SSNs, it would be of more concern. The following is a fairly basic match for this.

Select-String -Path “Users*.csv” -Pattern “ddd-dd-dddd” | Select-String -Path “Users*.csv” -Pattern “ddd-dd-dddd” Select-Object -First 10 is a command that selects the first 10 objects in a

A basic SSN RegEx search is shown.A basic SSN RegEx search is shown.

Finally, what if we needed to find certain IP addresses in our database? It’s easier to find that pattern by using another RegEx phrase.

Select-String -Path “Users*.csv” -Pattern ‘bd1,3.d1,3.d1,3.d1,3b’ | Select-String -Path “Users*.csv” | Select-String -Path “Users*.csv” | Select-String -Path “Users*.csv” | Select-String -Path “U Select-Object -First 10 is a command that selects the first 10 objects in a

A basic IP Address RegEx search is shown.A basic IP Address RegEx search is shown.

A word of caution concerning this RegEx. This will technically match numbers up to 999.999.999.999, which is an invalid IP address. You can make more precise RegEx expressions by making them longer, but this is a trade-off depending on what you want to do.

Contextual Searching

Context is highly important in troubleshooting since it helps to clarify what is going on before and after an event occurs. Let’s look for this suspendedpage.cgi content in an Apache log, for example.

Select-String -Path “Web*.txt” -Pattern “suspendedpage.cgi” -Context 1 | Select-Object -First 1 | Select-String -Path “Web*.txt” -Pattern “suspendedpage.cgi” -Context 1

In an Apache log, I'm looking for a certain line.In an Apache log, I’m looking for a certain line.

The > simple indicates the matched line, and there is one line prior to the match and after the match. In this example, this could tell us that the Google bot was looking for robots.txt and unfortunately received a suspendedpage.cgi result instead. Next, it went to try the homepage and perhaps got the same error.

So, what precisely is in the context property of the MatchInfo object when it is emitted? When we look at that property in more detail, we can see that it has two parts: PreContent and PostContent. This implies you’ll be able to tweak it later on if required.

Select-Object -ExpandProperty -Path “Web*.txt” -Pattern “suspendedpage.cgi” -Context 1 | Select-String -Path “Web*.txt” -Pattern “suspendedpage.cgi” First Context | Format-List

Showing how to use the Context property.Showing how to use the Context property.

Other articles that showcase searching through log files include Making Sense of the Microsoft DNS Debug Log, which shows how to use Select-String to search through a DNS debug log. In that article, the PowerShell grep is really useful.

Conclusion

Grep is a very helpful tool in the Linux environment, and Select-String in PowerShell provides a lot of the same capabilities. The object-oriented design of PowerShell only adds to the cmdlet’s usability and usefulness.

For many System Administrators, the ability to search log files quickly and effectively across a variety of formats, as well as grasp context, is a critical skill. This is simple to implement using PowerShell Select-String, and it saves numerous hours of debugging!

The “powershell grep output” is a command-line tool that allows users to search through text files. It can be used to search for specific words or phrases in the file, and then display the results of the search onscreen.

Frequently Asked Questions

How do you use Select in PowerShell?

A: In PowerShell, you could use Select to choose one or more commands from a list of available commands.

How do I select a specific String in PowerShell?

A: The simplest answer is the
get-childitem cmdlet. If you are referencing a directory with multiple files, use the Get-ChildItem cmdlet to get an array of file objects and iterate over it using foreach or ForEach loop.

What is the PowerShell equivalent of grep?

A: The PowerShell equivalent of grep is called Where-Object. You can use it to search for specific values in a collection and filter them from the results.

Related Tags

  • powershell select-string
  • powershell select-string after pattern
  • powershell grep
  • powershell grep equivalent
  • powershell select-string multiple patterns