All,
I'm looking for a search utility that will allow me to define one or more regular expressions and search a file (or all files on a live system) for all occurrances. I need the utility to return the itemst that it finds.
For example, lets say I define a regular expression as "\w{3,5}", meaning all words 3 to 5 characters long. If I give the utility a filename and the regex above, I'd like it to return all occurrances of that regex that match.
Anyone know of anything like this the runs on Windows? How about anything free?
Thanks,
Harlan
http//
Have you tried this free tool?
"Spider's purpose is to identify files that may contain confidential data. It scans a collection of files, searching for patterns of numbers or letters that resemble Social Security numbers or credit card numbers (additional search patterns can be created using Unix regular expressions). Spider creates a log that lists all the files identified as potentially containing confidential data. The person using Spider should then look through this log, examine each of the files listed, and take steps to protect any files that prove to contain confidential data. Protection steps may include encrypting files, or moving files to a secure server or to offline storage. It is against University policy to keep sensitive data on an unsecured workstation."
It does need .Net
Not exactly free, but I think dtSearch also fits for your requirements. The disadvantage is that you have to create an index first.
Tell us if you find something more direct for these kind of searches!
Command Pack 1.0 $30
http//
SAS Free
http//
The Cornell offering (spyder) is ok, but doesn't present to results very well.
It gives you a list of files that you then have to go and search through.
But, it is free too.
FTK has a limited search function that you may be able to customize. I've done it for INFO2 files. Also, WINHEX has a very good data carving feature. Check out
-Dawson
Perl2exe allows perl files to be created as standalone exe's for Windows or unix. So if you know perl and can write your regular expressions in it then you should be good to go. It requires a registration fee.
I've never used it (but planned to shortly) - heres the link anyways - http//
Ronan
Not exactly free, but I think dtSearch also fits for your requirements. The disadvantage is that you have to create an index first.
Tell us if you find something more direct for these kind of searches!
DTsearch will search without an index. It's called an unindexed search.
Check this out http//
DTsearch is a great tool with tons of options. It also has command line options. We use it to keyword search large scale data on a daily basis.
Greetings,
DTsearch's ability to query databases is pretty slick. They mention Linux in passing but really don't provide any detail. Have you had any experience using it to search non-Windows filesystems?
Anything else out there worth looking at on par with DTsearch?
-David
Greetings,
DTsearch's ability to query databases is pretty slick. They mention Linux in passing but really don't provide any detail. Have you had any experience using it to search non-Windows filesystems?
Anything else out there worth looking at on par with DTsearch?
-David
I've only read about the engine that runs on Linux I've never actually used it. We have used the windows version to search Mac data in the past. I think there were some issues with special characters though. The boolean searching seems to be the standard and the easiest method to use. I still don't understand why Guidance doesn't have it in Encase. I don't think the Mercury add on does either. I asked them about it when I was demoing the software and the response was to use regular expression.
Splunk
It is not just extremely robust, it also allows saving searches and re-applying it to new sets of data.