For the uninitiated, a pattern searching tool like findstr may seem useless. But when dealing with system-generated log files or command line outputs containing hundreds of lines of text, findstr is just the tool you need.
Users of a Linux operating system would be already familiar with the incredible utility of the Grep command, and findstr fulfills a similar role in Microsoft Windows. You can combine it with other commands using pipes or just run it directly to parse through multiple text files. Let’s look at how findstr works with a few examples.
Using the Findstr Command
The basic syntax is simple – findstr
findstr SFC example1.txt
This command will find and output all lines containing the search string SFC. Note that by default, findstr is case-sensitive, so any mentions of SFC will not be matched.
You can further customize how findstr works by including optional parameters. Switches like /B or /I modify the behavior of findstr, imposing additional conditions on the search. For example:
findstr /I SFC example1.txt
Including /I as a parameter makes the search case insensitive, allowing all mentions of the term to match, regardless of their capitalization. You can find the list of all parameters of findstr in the official Microsoft docs.
Parameters aren’t the only way you can customize findstr. Enclosing the
findstr “SFC DISM” example1.txt
The above will return matching lines containing either of the terms. This makes it useful when looking for a mention for an item with different names.
Findstr is capable of searching through multiple files. Changing
findstr SFC *.txt
Using the wildcard character matches the regex to all text files in the current directory and its subdirectories. The results are likewise segregated by filenames, letting you see which line originated from which file.
Like most cmd commands, findstr can also be used on the output of other commands. Just add a pipe after the end of the target command and invoke findstr without a
dir | findstr .txt
This runs a findstr search on the output of the dir command, returning the file list ending with .txt. Of course, this particular example is useless in practice since dir can already locate files of the same type with a regular expression.
One can also take the longer route of redirecting the output to a text file and then using findstr on the text file, but it is easier to cut the middleman.
Applications of Findstr in Windows
The obvious uses of findstr are readily apparent from the syntax alone. You can look for text files with a specific text string or see if a particular string is contained in a file.
This, while theoretically useful, rarely sees use outside of rare cases. In the age of cloud services like Google Docs, most people no longer have many text files.
The actual applications of findstr are a bit more subtle and involve more powerful results. Here are some of the more interesting examples.
Finding Specific Types of Files
The dir command already includes the option to search for filenames using regular expressions. But with findstr, you can search for files sharing other attributes, such as the time or date of creation.
Suppose an error occurred at 06:43 PM, and you want to locate all log files created at that time. With the dir command alone, you will have to manually sift through the results or get all the log files and compare them. Using findstr, this becomes a simple command.
dir | findstr 06:43
You can try the same trick to find files created on a particular date or get a list of directories.
dir | findstr DIR
Filtering Network Information With Netstat
Netstat is a handy Windows command that gives you all the information about your computer’s network connections—too much information, which is where findstr comes in.
Piping netstat’s output into findstr lets you search for connections with specific properties. For example, this is how you can get a list of all established connections.
netstat | findstr ESTABLISHED
This trick is useful when diagnosing network issues. You can even use findstr with an application PID to find all connections opened by a particular process.
netstat -o | findstr 13120
Obtaining Specific IP Addresses
The ipconfig command lets you view details of all network interfaces of the systems, including IP addresses. You can use findstr to extract a particular type of IP address without having to scroll through the whole thing.
ipconfig | findstr Temporary
You can extend this method to obtain any information from ipconfig, from the subnet masks to gateway addresses.
Analyzing Script Files
Whichever programming language you code in, the script files are ultimately just text. This means you can use findstr to analyze scripts and retrieve specific sections without scouring through the whole code.
Say we want to see how the if statement has been used in a particular script. We can use the following command:
findstr if script.ahk
Not only will this display the lines using the if statement, but it will also show us the expressions used. You can also include the /N parameter to display the line numbers, which is very handy for script files.
findstr /N if script.ahk
Is Findstr Worth Using?
The main difficulty in navigating the command line interface is the amount of text one needs to sift through. Findstr is an essential tool for extracting useful information and filtering out junk.
Since all terminal commands give a text-based output, findstr can always be used to locate the relevant data. From troubleshooting network issues to finding the correct files, every action is made more efficient with findstr.
Even outside of its synergy with other commands, findstr is helpful for its ability to traverse the contents of text files. You can find specific errors in machine-generated log files or retrieve sections of code in a complex script.
In short, findstr is an indispensable tool in the arsenal of any advanced Windows user, especially one intending to get familiar with the command line interface.