If you manage a Linux server, sooner or later you'll be staring at a log file: hundreds of lines, an error hidden somewhere, an IP to block. You open it, press Ctrl+F, scroll… and waste time. The commands we're covering today are the basic toolkit of anyone working on Linux daily. At Meteora Web, we use them to diagnose performance issues, clean up data, automate backups, and analyse web application logs. If you don't master these, you're working with one hand tied behind your back.
The power of a pipe: combining commands like building blocks
The real superpower of Linux isn't a single command — it's the ability to chain them. The pipe character | takes the output of one command and passes it as input to the next. It sounds trivial, but this architecture makes the shell infinitely extensible.
Basic example: find all lines containing "ERROR" in a log and display them.
cat /var/log/syslog | grep ERRORBut we can go further: filter, transform, and save.
cat access.log | grep "404" | awk '{print $1}' | sort | uniq -c | sort -rnThis single line extracts all IPs that caused 404 errors, counts them, and sorts by frequency. In a few seconds you have a map of the issue. Try doing that manually.
grep: search intelligently
grep is the Swiss army knife of text search. It's not just for finding words: it supports regular expressions, recursive search, inverse matching, and context.
Options we use every day
- -r: recursive search into directories
- -i: case-insensitive
- -v: show lines that don't match
- -C 3: show 3 lines of context before and after the match
- -E: extended regex (same as
egrep)
Practical example: find all PHP files containing a deprecated function in a Laravel project.
grep -r --include="*.php" "mysql_query" /var/www/project/Common mistake to avoid: using grep on binary files without the -a option. Grep treats binaries as no match and stays silent, leaving you to think there's nothing.
sed: find and replace without opening a file
sed is the stream editor. It doesn't modify the file unless you explicitly ask. We use it for mass substitutions, line removal, output sanitization.
Basic substitution
sed 's/old/new/g' file.txtImportant: without -i, output goes to screen, the file stays untouched. To actually modify: sed -i 's/.../.../g'.
Real-world example: in an NGINX config file we need to change the server name from example.com to example.org.
sed -i 's/server_name example.com;/server_name example.org;/g' /etc/nginx/sites-available/site.confWhy it pays off: if you need to update 50 config files, sed with a pipe and a loop saves hours of manual work.
awk: more than a command — it's a language
awk was designed to process structured files (rows and columns). With few characters you can extract fields, compute sums, filter by condition.
Extract columns
awk '{print $1, $NF}' file.logShows the first and last field of each line. $NF is the last field, $0 is the whole line.
Filter and sum
Assume a CSV of sales: product, quantity, price. We want the total sales revenue.
awk -F',' '{tot += $2 * $3} END {print "Total:", tot}' sales.csvAt Meteora Web we come from accounting — before we were developers, we did these counts manually in spreadsheets. Today awk does the same in an instant.
Debug example: extract all unique IPs from an access log and count them.
awk '{print $1}' access.log | sort | uniq -c | sort -rnfind: search files like a detective
find is not just for locating a file by name. Using expressions, you can search by type, size, modification date, permissions, and then execute actions.
Most useful filters
- -name: filename pattern
- -type f / d: files only or directories only
- -size +100M: files larger than 100 MB
- -mtime -7: modified in the last 7 days
- -exec command {} \;: execute a command on each found file
Example: find and delete temp files older than 30 days.
find /tmp -type f -name "*.tmp" -mtime +30 -deleteWarning: always test without -delete first to see what would be removed. Use -ok instead of -exec to ask for confirmation.
On a production server we once found tens of GB of uncompressed logs that hadn't been rotated. One find with -size and -delete freed space without restarting anything.
xargs: from input to arguments
xargs converts standard input into command-line arguments. It solves the problem of too many arguments (when you exceed the kernel limit) and allows parallel execution.
Example: move all .log files to an archive directory
find /var/log -name "*.log" -mtime +90 | xargs -I{} mv {} /backup/logs/Key options:
- -I{}: set a placeholder for the input
- -P 4: run up to 4 processes in parallel
- -n 1: pass one argument at a time (useful for commands that accept only one file)
Common mistake: not using -0 when input contains spaces. If filenames have spaces, use find ... -print0 | xargs -0 ....
In summary — what to do now
- Open your terminal and run
cat /var/log/syslog | grep -i error | head -20. See what you find. - Practice with sed: create a file with 10 lines of text, then replace a word with
sed -i 's/.../.../g' file. - Use awk for a report: take a sample CSV file and compute the average of a column.
- Find the largest files with
find / -type f -size +500M 2>/dev/null. Then decide what to do. - Combine everything: write a one-liner that finds all .conf files modified in the last 7 days, extracts lines containing "server_name", and writes the result to a file.
These commands are the daily bread of Linux system administrators. We use them every day to keep e‑commerce sites, Laravel platforms, and client infrastructures running. If you want to dig deeper, the official GNU documentation is the right place: grep manual, sed manual, awk manual.
Sponsored Protocol
