Hi.
This is a question about grep and regular expression.
If I want to see all the requests whose response is a 200 code, I can do:
grep -e '^.* - - .* .* .* .* .* 200' access_log
Quite easy peasy.
But what if I want to retrieve all the requests whose response is NOT a 200 code? I would like to be able to do that with only one grep instruction. Is that possible?
Thanks, Dan
You can simply use the -v option for grep. This inverts the matches, so it returns all the lines that do not match the pattern.
So like this:
grep -v [pattern] [file]
I'd use this:
^\S+\s+\S+\s+\S+\s+\[[^]]+\]\s+"(?:GET|POST|HEAD) [^ ?"]+\??[^ ?"]+? HTTP/[0-9.]+"\s+200
and then invert the result as Daniel Egeberg suggested.
With comments and capturing groups, courtesy of RegexBuddy:
^((?#client IP or domain name)\S+)\s+((?#basic authentication)\S+\s+\S+)\s+\[((?#date and time)[^]]+)\]\s+"(?:GET|POST|HEAD) ((?#file)[^ ?"]+)\??((?#parameters)[^ ?"]+)? HTTP/[0-9.]+"\s+(?#status code)200