Grep? Why not awk?

by Joost Agterhoek


Jumping from basic Windows understanding to a command-line-based distro (the declarative and atomic NixOS) quite literally forced me to learn and use fundamental Linux commands. One of the tools I kept coming back to was grep.

Can't find a file? Pipe ls output to grep and see what's there. Looking for a particular text? Throw some simple regular expressions at grep and refine. At home I still have a book (that's older than me) about Linux administration and I remember looking up some grep options and flags there.

Some would say a step up from grep is awk, which, like sed and grep, is a filter and can be used as a data extraction and reporting tool (thank you, Wikipedia). One thing that held me back from using awk was how it is usually described as 'a programming language in itself'. With enough programming self-study on my plate, I kept putting it on the shelf, instead opting for extended and needlessly complicated grep command lines.

Until I found a purpose for awk. In the same vein as my dislike of cloud environments, it took getting my hands dirty and applying a vague or intimidating topic or tool to a practical problem. In this case, awk helped me look through a list of URLs, usernames and passwords and make subselections for the purpose of threat hunting. Useful commands are for example:

grep _term_ _sourcefile_ | awk 'BEGIN { FS = ":"}; {print $1,$2}'

I understand 'BEGIN {...' is used more in awk scripting than in command-line usage, but it is more human-readable and comprehensive (which I like).
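
An added example, not from the original post, assuming each line has the form URL:username:password. Because the URL itself contains colons, the FS = ":" split above puts the scheme in $1, so this version peels the URL off first and prints only host and username, never the password. The function names and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example. Constructed sample data, not real credentials.
# Assumed line format: URL:username:password
sample_lines() {
cat <<'EOF'
https://portal.example.com/login:alice@example.com:Summer2024!
https://shop.example.net:8443/account:bob@example.org:hunter2
http://intranet.example.com:carol@example.com:pa:ss:word
not-a-credential-line
EOF
}

# The split from the post: the colon in the URL scheme shifts every field.
naive_split() { awk 'BEGIN { FS = ":" } { print $1, $2 }'; }

# Print "host<TAB>username" per line; the password is never printed.
parse_creds() {
    awk '
    {
        # URL = scheme://host[:port][/path]; the path is assumed to hold no colon
        if (!match($0, "^[a-z]+://[^/:]+(:[0-9]+)?(/[^:]*)?:")) { bad++; next }
        url  = substr($0, 1, RLENGTH - 1)
        rest = substr($0, RLENGTH + 1)      # username:password
        sep  = index(rest, ":")             # first colon ends the username,
        if (sep == 0) { bad++; next }       # so a password may contain colons
        user = substr(rest, 1, sep - 1)
        host = url
        sub("^[a-z]+://", "", host)         # drop the scheme
        sub("[:/].*$", "", host)            # drop port and path
        printf "%s\t%s\n", host, user
    }
    END { if (bad) printf "skipped %d unparsable line(s)\n", bad > "/dev/stderr" }'
}

# Keep only accounts whose username ends in @<domain> (case-insensitive).
hunt_domain() {
    parse_creds | awk -F '\t' -v d="$1" '
        { u = tolower($2); want = "@" tolower(d) }
        length(u) >= length(want) &&
        substr(u, length(u) - length(want) + 1) == want { print }'
}

sample_lines | hunt_domain example.com
```

Lines that do not match the assumed format are counted and reported on stderr rather than silently mis-split.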