How do you use awk, sed, and grep together to parse log files?
These three tools form the backbone of Linux log analysis:
# grep: Filter lines containing "ERROR"
grep "ERROR" /var/log/app.log
# awk: Extract specific fields (e.g., column 3 of an NGINX access log)
awk '{print $3}' /var/log/nginx/access.log
# sed: Replace or transform text (without -i the result goes to stdout and the log file is left unchanged)
sed 's/ERROR/CRITICAL/g' app.log
# Combined pipeline: Find ERROR lines, extract IP (field 1), count by IP
grep "ERROR" /var/log/nginx/access.log \
| awk '{print $1}' \
| sort \
| uniq -c \
| sort -rn \
| head -10
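Lines in NGINX's default "combined" access-log format carry a numeric status code rather than an "ERROR" string, so this added example (not from the original page) chains the three tools to count 4xx/5xx responses per client IP, status and path, splitting on the double quote so a malformed request line cannot shift the fields. The function names `sample_log` and `top_error_clients` are hypothetical, the log lines are constructed sample data, and the combined format is assumed.

```shell
#!/bin/sh
# Constructed sample lines in NGINX "combined" format (not real traffic).
sample_log() {
cat <<'EOF'
203.0.113.5 - - [10/Oct/2024:13:55:36 +0000] "POST /login?next=/admin HTTP/1.1" 401 512 "-" "curl/8.0"
203.0.113.5 - - [10/Oct/2024:13:55:37 +0000] "POST /login?next=/home HTTP/1.1" 401 512 "-" "curl/8.0"
203.0.113.5 - - [10/Oct/2024:13:55:38 +0000] "POST /login HTTP/1.1" 401 512 "-" "curl/8.0"
198.51.100.7 - - [10/Oct/2024:13:56:01 +0000] "\x16\x03\x01" 400 157 "-" "-"
192.0.2.10 - - [10/Oct/2024:13:56:05 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
192.0.2.10 - - [10/Oct/2024:13:56:09 +0000] "GET /api/items HTTP/1.1" 502 0 "-" "Mozilla/5.0"
EOF
}

# top_error_clients [N]: read combined-format lines on stdin and print
# "count ip status path" for 4xx/5xx responses, most frequent first.
top_error_clients() {
  # grep: cheap pre-filter, keep lines where a closing quote is followed by 4xx/5xx
  grep -E '" [45][0-9]{2} ' |
  # sed: drop the first query string on the line so URL parameters (which may
  # hold tokens) stay out of the report and the same path groups together
  sed -E 's/\?[^ "]*//' |
  # awk: split on the double quote instead of whitespace. $1 is everything
  # before the request, $2 the request line, $3 holds " status bytes ".
  # A request line without a method and path (the 400 line above) would
  # shift whitespace-based fields, so a $9 lookup would not be the status.
  awk -F'"' '{
    split($1, pre, " ")    # pre[1]  = client IP
    split($2, req, " ")    # req[2]  = path, empty for malformed requests
    split($3, post, " ")   # post[1] = status code
    path = (req[2] == "" ? "-" : req[2])
    if (post[1] ~ /^[45][0-9][0-9]$/) n[pre[1] " " post[1] " " path]++
  } END { for (k in n) print n[k], k }' |
  # Count descending, then byte order on the rest for a stable listing
  LC_ALL=C sort -k1,1nr -k2 |
  head -n "${1:-10}"
}

sample_log | top_error_clients 10
```

On a live host, replace `sample_log` with the log file, for example `top_error_clients 10 < /var/log/nginx/access.log`.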