SED – An Intro to Stream Editor

By
berkel8
March 13, 2011Posted in: All Articles, Tools
CLICK HERE FOR MORE DETAILS on how to utilize Ciscocmd to monitor you entire network at a glance and keep your finger on the pulse of your global communications infrastructure. […]

CLICK HERE FOR MORE DETAILS on how to utilize Ciscocmd to monitor you entire network at a glance and keep your finger on the pulse of your global communications infrastructure.

SUBSCRIBE HERE for to receive useful updates and tips for Network Administration and Automation.

An Introduction to SED.

This article is a brief introduction to Stream EDitor, a small language that can be used to manipulate files one line at a time. While SED can be used as a complex language, it is most often used in network administration for “one liners”. A one liner is a one line script that processes a file and makes simple adjustments to each line.

References:
There are some excellent SED resources available. As a refered to in an article titled AWK – A Simple Essential Language, O’Reilly media has an excellent  book titled sed & awk,Second Edition.

There are also excellent resources available on the web. An excellent online resource is SED One Liners available by clicking on the underlined link or going to the following site manually. This site covers the use of SED in one liners, which is what we are going to cover in this article.

  • http://sed.sourceforge.net/sed1line.txt
  • http://www.eng.cam.ac.uk/help/tpl/unix/sed.html

In the article on the entworkadmin.net article titled, AWK – A Simple Essential Language, we used the AWK to process a file that contained a switch MAC address database dump. We processed this file output into a structured flat file tagged with with specific information to make it more searchable.

One key element of extracting information from output of switches is to structure the information that is output.

Example:
If you see the following as output of a Cisco switch:

a1 b2 xxx c3 yyy d4
* a5 b2 c3 xxx yyy d6
a1 b2 xxx c4 d4 yyy

Suppose you are only interested in the entries preceeded by the alphabet, because you want to count how many different “d” entries exist or maybe how many times “b2″ appears in your file.

First you need to structure your data so you can easily search it. One simple way to structure data is to eliminate all unnecessary or variable data. In the example above, the “*” command does not appear on all lines so it is variable data. We have also determined it is not important. Also the “xxx” and the “yyy” do not appear in the same column positions. Again we have determined this is variable data and also we have determined it is not essential for our needs in this hypothetical example.

Now we can eliminate the variable and unnecessary data to make our data structured. We are going to use a SED “search and replace” one-liner to search for our desired fields and in this case remove them (replace them with nothing).

The syntax to perform a global search in replace is as follows:

‘s/foo/bar/g’

This would change a file with the following lines:
foo foo foo
foo

To:
bar bar bar
bar

In our case we will extend this to search for three items and replace them with nothing. If you recall, we wanted to remove “*”,”yyy”,and “xxx”. To do this we will extend the SED command shown above with semicolons.

sed ‘s/xxx//g;s/yyy//g;s/\*//g’

You can see that the entire command is delimited by the ‘ (single quote symbol) and all the other statements are simply stringing together three different SED commands. Those three commands are:

sed ‘s/xxx//g’
sed ‘s/yyy//g’
sed ‘s/\*//g’ <— You may notice the backslash in front of the asterisk command.

The backslash is used whenever you want a character that could possibly be treated as a special character within the language of SED, treated as a literal. IE – you want all asterisks removed.

Now if you run the command on the original file:

Original File:
———————
a1 b2 xxx c3 yyy d4
* a5 b2 c3 xxx yyy d6
a1 b2 xxx c4 d4 yyy

Run the following Command:
sed ‘s/xxx//g;s/yyy//g;s/\*//g’ Original-file-name

You get the following output:
————————-
a1 b2  c3  d4
a5 b2 c3   d6
a1 b2  c4 d4

You can now start to format the output:

sed ‘s/xxx//g;s/yyy//g;s/\*//g’ Orginal-file-name | awk ‘{print $1,$2,$3,$4}’

a1 b2 c3 d4
a5 b2 c3 d6
a1 b2 c4 d4

You can count the number of times each “a” entry appears:

awk ‘{print $1}’ Orginal-file-name | sort | uniq -c

2 a1 <— a1 appears twice
1 a5 <— a5 appears once.

As you can see you can directly “pipe” output of a switch into both the SED and AWK programs.

Please refer to both the SED and the AWK article when attempting to process data from the output of the ciscocmd utility. The combination of these two languages are much more powerful then each alone.

Those reference articles can be found at the following link or can be accessed by clicking on the underlined links.

Hopefully this article has been helpful to you. As always, please send any feedback to info@enetworkadmin.net. Also if you have any suggestions on future articles please forward them as well.

CLICK HERE FOR MORE DETAILS on how to utilize Ciscocmd to monitor you entire network at a glance and keep your finger on the pulse of your global communications infrastructure.

SUBSCRIBE HERE for to receive useful updates and tips for Network Administration and Automation.

About berkel8