How to use PowerShell's Grep

Windows 10 Aug 17, 2021

One command that is prominent in Linux system administrators tool box is grep.  This tool's core ability is to be able to search plain text for a RegEx pattern.  Grep can search files in a given directory.

In the PowerShell world do we have that command? Well, kind of.

Select-String can be used to help search for text or text patterns in input strings and files.   It's very similar to grep or even findstr in Windows.

There are three ways you can use Select-String, you can pipe in quoted text, use text stored in a variable or use the Path parameter to specify files to search for the text in.

Examples

We can search for text within files with the command example of:

Select-String -Path "*.csv" -Pattern "Rachel"
Select-String result

The result of this Select-String search is finding the name Rachel within the file twice.

You may want to find an event within a Windows Event Log and rather than sit and search through you can use the Select-String command.

#Let's get the 50 most recent events from the System Log and store the information in the variable events

$Events = Get-WinEvent -Log System -MaxEvents 50

#We send the variable into the Select-String pipeline and it searches for any events that have delete operations in them

$Events | Select-String -InputObject {$_.message} -Pattern 'Delete'
Searching Events Logs with Select-String

So the above command collects the last 50 events from the System log and then using Select-String we look for any events that have the string delete in them.

Hopefully this has given you some inspiration on how to use grep within PowerShell! 👍

Tags

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.