How To Use Powershell Grep Equivalent “Select-String Cmdlet” | 2 Best Examples

Grep or Select-String is one of the first commands in Linux that many system administrators learn. This time-tested instrument has been around for years and is an essential part of any administrator’s toolkit. The basic function of Powershell Grep is to search the plain text for a RegEx pattern. Powershell Grep can output matches by searching files in a specified directory or streaming input.

How To Use Powershell Grep Equivalent "Select-String Cmdlet" | 2 Best Examples

The Powershell grep command can be used in Linux to search through a string or log files. We can use Select-String, which is grep’s counterpart in PowerShell. Using this effective cmdlet, we can achieve outcomes that are nearly identical.

Method To Use Powershell Grep Equivalent “Select-String Cmdlet”

We can locate matches using PowerShell grep Select-String in three different ways.

  1. To stream text into the Select-String cmdlet, pipe in the text that is being quoted.
  2. To indicate which files to look in, use the Path argument.

1. Simple Matching in Files

Let’s start with a very basic example and search for “alpha” in a few CSV files.

Select-String -Path "Users\*.csv" -Pattern "alpha"
Select-String -Path "Users\*.csv" -Pattern "alpha"

The fact that “alpha” is highlighted on the line with the other data indicates how straightforward this is. Let’s examine each of the attributes of a returned match.

Select-String -Path "Users\*.csv" -Pattern "alpha" | Select-Object * -First 1
Select-String -Path "Users\*.csv" -Pattern "alpha" | Select-Object * -First 1

We have a few practical properties at our disposal. The line, course, pattern, and matches especially. The matches property contains much of the information we need.

Select-String -Path "Users\*.csv" -Pattern "alpha" | Select-Object -ExpandProperty Matches -First 1
Select-String -Path "Users\*.csv" -Pattern "alpha" | Select-Object -ExpandProperty Matches -First 1

2. Searching with the Context

Context is highly helpful in troubleshooting since it clarifies what is happening both before and after an event occurs. Let’s look for this suspendedpage.cgi text in an Apache log.

There is one line before the match and one line after the match, and the symbol > simple denotes the matched line. This could indicate that the Google bot was trying to find a robots.txt file when it unluckily found a suspendedpage.cgi result. 

You can see that there is PreContent and PostContent if we expand on that property. This implies that, if necessary, you can manipulate this later on.

Select-String -Path "Web\*.txt" -Pattern "suspendedpage.cgi" -Context 1 | Select-Object -ExpandProperty Context -First 1 | Format-List

In articles like Making Sense of the Microsoft DNS Debug Log, which explains using Select-String to look a DNS debug log, there are further examples of searching through log files.

Select-String parameters

AllMatches: With this parameter, the Select-String cmdlet will seek for more than one match instead of just the first one in each line as it normally does. Each line will still receive a single MatchInfo object, but it will now contain all of the matches.

CaseSensitive: Because matches by default do not take the case into account, this option compels the cmdlet to look for matches that exactly match the input pattern.

Context: Context is a very helpful feature since it allows you to specify the number of lines that will be displayed before and after the match. By including this option, the MatchInfo object that is output is changed to add a new Context property that contains the provided lines.

Culture: This defines a culture to be matched with the given pattern when used with the SimpleMatch option. This contains choices like en-US, es, or fr-FR, for instance. The Ordinal and Invariant selections are a couple of additional helpful choices. Ordinal is used for non-linguistic binary comparisons, while Invariant is used for comparisons across cultures.

Encoding: Choose the target file’s encoding, which is by default set to utf8NoBOM.

  • utilises the ASCII (7-bit) character set’s encoding.
  • Unicode: Uses the big-endian byte order to encode data in UTF-16 format.
  • oem: Uses the MS-DOS and console programmes’ default encoding.
  • Unicode: Uses the little-endian byte order to encode data in UTF-16 format.
  • utf7: Uses UTF-7 encoding.
  • utf8: Uses UTF-8 encoding.
  • encoding in UTF-8 format with Byte Order Mark (utf8BOM) (BOM)
  • encoding in UTF-8 format without a Byte Order Mark (utf8NoBOM) (BOM)
  • utf32: Uses the UTF-32 encoding format.

Beginning with PowerShell Core 6.2, the Encoding argument also takes string names like “windows-1251″ or numeric IDs of registered code pages like 1251.

LiteralPath: Instead of using values like * as a wildcard, LiteralPath instructs Select-String to utilize the values as input. To prevent interpretation, surround any escape characters in single quote marks if the path contains them.

Exclude: Using a pattern, such as *.txt, exclude particular objects using the Path argument.

NoEmphasis: Disables the highlighting of matches by not highlighting the string that the pattern is matched on. Negative colors are used by default for emphasis dependent on the backdrop text colors.

NotMatch: Search for the text that does not fit the given pattern using the NotMatch function.
Path: Enter the path to the files you want to search for. Although wildcards are allowed, you cannot provide just a directory. The local directory is used by default.

Pattern: The pattern to look for when using RegEx to search the input content or files.

SimpleMatch: Instead of using regular expressions, use a simple match. RegEx is not utilized, hence the Matches field of the returned MatchInfo object is empty.

Include: Similar to the Exclude option, the Include parameter will only include the items that match a pattern, such *.log.

List: Only the first instance of each input file’s matching text file will be returned as a list. This is meant to be a quick and effective approach to get a list of files with similar contents.

Raw: Don’t output a MatchInfo object; only the matching strings. The behavior that most closely resembles Powershell Grep is this, not PowerShell’s more object-oriented structure.

Quiet: If the pattern is detected, only return $true or $false.