so i am trying to grab certain output from grep command
here is the command i am trying
nslookup -type=TXT "_dmarc.$domain" | grep -Eo '\s*reject|\s*quarantine|\s*none|\s*no answer' || echo "no answer"
its working pretty good for normal domains. the trouble starts when the dmarc record has this output
v=DMARC1; p=reject; sp=none; adkim=s; aspf=s; rua=mailto:dmarc@domain.com; ruf=mailto:dmarc@domain.com
i dont know much about grep but i tired using match case but now the output is
root@main-room:~/spfscript/newupdate# nslookup -type=TXT "_dmarc.domain.com" | grep -Eo '\s*reject|\s*quarantine|\s*none|\s*no answer' || echo "no answer"
reject
none
root@main-room:~/spfscript/newupdate#
because p=reject and sp=none i am not able to control the grep to only present me with "p=" policy
please help me in this
let me know what i can do more. i tried adding space but i am not sure if i am doing it correctly.
You need to match p= before the words you're looking for, and there must be a space or ; before p so it won't match sp=.
grep -Eo '[\s;]p\s*=\s*(reject|quarantine|none|no answer)'
You can remove everything up to p= from the beginning after assigning the variable.
If you're using GNU grep, you can use PCRE. Then p= can be a lookbehind and you won't have to remove it after, and you can use \b to match a word boundary.
grep -Po '(?<=\bp=)(reject|quarantine|none|no answer)'