一、模糊匹配
模糊匹配用 ~ 表示包含,!~表示不包含
1、匹配含有root的列
[root@localhost ~]#awk -F: '/root/' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
[root@localhost ~]#awk -F: '$1~ /root/' /etc/passwd
#模糊匹配 只匹配第一列含有root 的行
root:x:0:0:root:/root:/bin/bash
[root@localhost ~]#awk -F: '$1~/ro/' /etc/passwd
#只要第一列有ro就匹配上
root:x:0:0:root:/root:/bin/bash
chrony:x:995:991::/var/lib/chrony:/sbin/nologin
setroubleshoot:x:993:988::/var/lib/setroubleshoot:/sbin/nologin
[root@localhost ~]#awk -F: '$7~/nologin/ {print $1,$7}' /etc/passwd
#只要第7列有nologin 就打印出第1列和第7列
bin /sbin/nologin
daemon /sbin/nologin
adm /sbin/nologin
2、打印1-200之间所有能被7整除并且包含数字7的整数数字
[root@localhost ~]#seq 200 | awk '$1%7==0'
7
14
21
28
35
......
182
189
196
[root@localhost ~]#seq 200 | awk '$1%7==0 && $1~/7/'
7
70
77
147
175
3、提取内存占用总内存的百分比
1.方法一
[root@localhost ~]#free
total used free shared buff/cache available
Mem: 7994076 297020 7334304 9316 362752 7411588
Swap: 5238780 0 5238780
[root@localhost ~]#free -m |awk '/Mem:/ {print int($3)}'
290
[root@localhost ~]#free -m |awk '/Mem:/ {print int($2)}'
7806
[root@localhost ~]#free -m |awk '/Mem:/ {print $3/$2}'
0.0371509
[root@localhost ~]#free -m |awk '/Mem:/ {print $3/$2*100}'
3.71509
[root@localhost ~]#free -m |awk '/Mem:/ {print int($3/$2*100)"%"}'
3%
2.方法二
[root@localhost ~]#free
total used free shared buff/cache available
Mem: 7994076 297020 7334304 9316 362752 7411588
Swap: 5238780 0 5238780
[root@localhost ~]#free -m |awk '/Mem:/ {print int($3)}'
290
[root@localhost ~]#free -m |awk '/Mem:/ {print int($2)}'
7806
[root@localhost ~]#free -m |awk '/Mem:/ {print $3/$2}'
0.0371509
[root@localhost ~]#free -m |awk '/Mem:/ {print $3/$2*100}'
3.71509
[root@localhost ~]#free -m |awk '/Mem:/ {print int($3/$2*100)"%"}'
3%
[root@localhost ~]#free -m |awk '/Mem:/ {print $3/$2*100}'|awk -F. '{print $1}'
3
[root@localhost ~]#free -m |awk '/Mem:/ {print $3/$2*100}'|awk -F. '{print $1"%"}'
3%
4、查看暴力破解密码主机的IP地址
1.使用awk方法破解
[root@localhost ~]#cat /var/log/secure
[root@localhost ~]#cat /var/log/secure|awk '/Failed/{print $13}'
192.168.56.254
192.168.56.254
192.168.56.254
[root@localhost ~]#cat /var/log/secure|awk '/Failed/{print $13}'|sort -n
192.168.56.254
192.168.56.254
192.168.56.254
[root@localhost ~]#cat /var/log/secure|awk '/Failed/{print $13}'|sort -n|uniq -c
3 192.168.56.254
2.使用循环方法破解
[root@localhost ~]#cat /var/log/secure
[root@localhost ~]#awk '/Failed/{ip[$13]++}END{for(i in ip){print i"," ip[i]}}' /var/log/secure
192.168.56.254,3
[root@localhost ~]#awk '/Failed password/{ip[$13]++}END{for(i in ip){print i"," ip[i]}}' /var/log/secure
192.168.56.254,3