grep — System Administration

grep -P '^\[.*\] \[ALPM\] installed' /var/log/pacman.log | tail -10

grep -P "^\[$(date +%Y-%m-%d).*\] \[ALPM\] installed" /var/log/pacman.log

grep -P '^\[.*\] \[ALPM\] upgraded' /var/log/pacman.log | tail -20

journalctl -p err --since "1 hour ago" --no-pager | grep -oP '(?<=: ).*' | sort | uniq -c | sort -rn | head -10

systemctl list-units --type=service --state=running --no-legend | grep -c ''

systemctl list-units --failed --no-legend | grep -oP '^\S+'

ps aux | grep -P '[n]ode.*antora'
# Bracket trick: [n]ode prevents grep from matching itself

ss -tlnp | grep -P ':\d+\s' | awk '{print $4, $6}'

grep -oP '^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}' /var/log/pacman.log | head -5

grep -P '^\[2026-04-11T1[45]:' /var/log/pacman.log

grep -oP '^\[\d{4}-\d{2}-\d{2}T\K\d{2}' /var/log/pacman.log | sort | uniq -c

grep -i 'error' /var/log/*.log 2>/dev/null | grep -oP '(?<=: ).*' | sort | uniq -c | sort -rn | head -10

tail -f /var/log/pacman.log | grep --line-buffered 'installed'

grep -Pzo 'BEGIN TRANSACTION.*?END TRANSACTION' logfile

grep -nP '^alias ' ~/.zshrc

grep -nP '^(\w+\(\)|function \w+)' ~/.zshrc

grep -nP '^export ' ~/.zshrc ~/.zprofile 2>/dev/null

grep -nP 'PATH' ~/.zshrc ~/.zprofile 2>/dev/null

grep -cP '^bind' ~/.config/hypr/hyprland.conf

grep -oP '^bind[a-z]*' ~/.config/hypr/hyprland.conf | sort | uniq -c | sort -rn
# Output: 85 bind, 30 binde, 20 bindl, 14 bindm

grep -nP '^\$mainMod,' ~/.config/hypr/hyprland.conf | head -10

grep -P '^Host\s' ~/.ssh/config 2>/dev/null