AWK / Grep - 排除包含文件路徑的行
[英]AWK / Grep - Exclude lines containing file paths
問題描述
我有一個 .txt 文件,其中包含具有不同文件路徑的行。 我想簡單地排除包含某些文件路徑的行。 問題是我沒有繞過與常用工具一起使用的正則表達式格式。
sudo cat serv_list.txt | awk '!/C:\\Windows\\system32/' > serv2.txt
sudo cat serv_list.txt | awk '!/"C:\\Windows\\system32"/' > serv2.txt
或者
sudo cat serv_list.txt | grep -a -v "C:\Windows\system32\"
我也試圖逃避斜線,但沒有奏效。
該文件如下所示:
Name PathName ProcessId StartMode
Dhcp C:\Windows\system32\svchost... 784 Auto
ehRecvr C:\Windows\ehome\ehRecvr.exe 543 Auto
defragsvc C:\Windows\system32\svchos... 456 Manual
Audiosrv C:\Windows\System32\svchost.e.. 123 Manual
...
輸出應該是:
Name PathName ProcessId StartMode
ehRecvr C:\Windows\ehome\ehRecvr.exe 543 Auto
...
有人可以幫助我了解如何修改 awk 或 grep 表達式以排除包含 system32 目錄路徑的所有行。
謝謝 :)
從命令行提取文件:
從編輯器中提取文件:
輸出的最后cat -v serv_list2.txt行: cat -v serv_list2.txt
FALSE Windows Update Normal 0 wuauserv C:\Windows\system32\svchost.exe -k netsvcs 856 0 Share Process TRUE Auto LocalSystem Running OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE Windows Driver Foundation - User-mode Driver Framework 0 Win32_Service Manages user-mode driver host processes. FALSE Windows Driver Foundation - User-mode Driver Framework Normal 1077 wudfsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted 0 0 Share Process FALSE Manual LocalSystem Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE WWAN AutoConfig 0 Win32_Service This service manages mobile broadband (GSM & CDMA) data card/embedded module adapters and connections by auto-configuring the networks. It is strongly recommended that this service be kept running for best user experience of mobile broadband devices. FALSE WWAN AutoConfig Normal 1077 WwanSvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork 0 0 Share Process FALSE Manual NT Authority\LocalService Stopped OK Win32_ComputerSystem ELS-PC 0 0
kali@kali:~$
輸出提取自
kali@kali:~$ awk -v IGNORECASE=1 '
{
gsub(/\r/,"")
}
FNR==1{
print
next
}
($2!~/C:\\Windows\\system32\\/)
' serv_list2.txt
FALSE WLAN AutoConfig Normal 1077 Wlansvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted 0 0 Share Process FALSE Manual LocalSystem Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE TRUE WMI Performance Adapter 0 Win32_Service Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data Helper is activated. FALSE WMI Performance Adapter Normal 0 wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 1436 0 Own Process TRUE Manual localSystem Running OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE Windows Media Player Network Sharing Service 0 Win32_Service Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play FALSE Windows Media Player Network Sharing Service Normal 1077 WMPNetworkSvc "C:\Program Files\Windows Media Player\wmpnetwk.exe" 0 0 Own Process FALSE Manual NT AUTHORITY\NetworkService Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE Parental Controls 0 Win32_Service This service is a stub for Windows Parental Control functionality that existed in Vista. It is provided for backward compatibility only. FALSE Parental Controls Normal 1077 WPCSvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted 0 0 Share Process FALSE Manual NT Authority\LocalService Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE Portable Device Enumerator Service 0 Win32_Service Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content using removable mass-storage devices. FALSE Portable Device Enumerator Service Normal 0 WPDBusEnum C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted 0 0 Share Process FALSE Manual LocalSystem Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE TRUE Security Center 0 Win32_Service The WSCSVC (Windows Security Center) service monitors and reports security health settings on the computer. The health settings include firewall (on/off), antivirus (on/off/out of date), antispyware (on/off/out of date), Windows Update (automatically/manually download and install updates), User Account Control (on/off), and Internet settings (recommended/not recommended). The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center service. The Action Center (AC) UI uses the service to provide systray alerts and a graphical view of the security health states in the AC control panel. Network Access Protection (NAP) uses the service to report the security health states of clients to the NAP Network Policy Server to make network quarantine decisions. The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of the system. FALSE Security Center Normal 0 wscsvc C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted 784 0 Share Process TRUE Auto NT AUTHORITY\LocalService Running OK Win32_ComputerSystem ELS-PC 0 0
FALSE TRUE Windows Search 0 Win32_Service Provides content indexing, property caching, and search results for files, e-mail, and other content. FALSE Windows Search Normal 0 WSearch C:\Windows\system32\SearchIndexer.exe /Embedding 2324 0 Own Process TRUE Auto LocalSystem Running OK Win32_ComputerSystem ELS-PC 0 0
FALSE TRUE Windows Update 0 Win32_Service Enables the detection, download, and installation of updates for Windows and other programs. If this service is disabled, users of this computer will not be able to use Windows Update or its automatic updating feature, and programs will not be able to use the Windows Update Agent (WUA) API. FALSE Windows Update Normal 0 wuauserv C:\Windows\system32\svchost.exe -k netsvcs 856 0 Share Process TRUE Auto LocalSystem Running OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE Windows Driver Foundation - User-mode Driver Framework 0 Win32_Service Manages user-mode driver host processes. FALSE Windows Driver Foundation - User-mode Driver Framework Normal 1077 wudfsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted 0 0 Share Process FALSE Manual LocalSystem Stopped OK Win32_ComputerSystem ELS-PC 0 0
FALSE FALSE WWAN AutoConfig 0 Win32_Service This service manages mobile broadband (GSM & CDMA) data card/embedded module adapters and connections by auto-configuring the networks. It is strongly recommended that this service be kept running for best user experience of mobile broadband devices. FALSE WWAN AutoConfig Normal 1077 WwanSvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork 0 0 Share Process FALSE Manual NT Authority\LocalService Stopped OK Win32_ComputerSystem ELS-PC 0 0
kali@kali:~$
1 個解決方案
解決方案1
2 已采納 2020-09-19 12:36:39
您能否嘗試在 GNU awk使用顯示的示例進行跟蹤、編寫和測試。
awk '!/[cC]:\\[wW][iI][nN][dD][[oO][wW][sS]\\[sS][yY][sS][tT][eE][mM]32/' Input_file
或者
awk 'tolower($0) !~ /c:\\windows\\system32/' Input_file
看起來 OP 的系統沒有IGNORECASE選項,因此使用上述方法匹配小寫和大寫字母兩種情況進行匹配。
不知道它會在這里結束,因為 OP 的樣本一直在變化。 或者在這里也使用grep的 ignore 選項。
grep,剪切,sed,awk文件的第3列,一次n行,然后粘貼到n行的重復列中?
[英]grep, cut, sed, awk a file for 3rd column, n lines at a time, then paste into repeated columns of n rows?
Linux grep / awk:過濾文件中的行,但在EOF處克隆(保留或忽略)尾隨的換行符
[英]Linux grep/awk: Filter lines in a file, but clone (preserve or omit) a trailing newline at EOF
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.