Here is the output of journald via journalctl -o verbose .
I was trying to narrow it down and filter only desired values.
Fr 2016-12-02 18:54:33.675283 CET [s=asd;i=4;b=asdasd;m=asdasd;t=asdasd;x=asdasda]
PRIORITY=6
_BOOT_ID=5asd
_MACHINE_ID=3asd
_HOSTNAME=asd
_SOURCE_MONOTONIC_TIMESTAMP=0
_TRANSPORT=kernel
SYSLOG_FACILITY=0
SYSLOG_IDENTIFIER=kernel
MESSAGE=Iasdasadt
_SYSTEMD_CGROUP=/system.slice/systemd-journald.service
_SYSTEMD_UNIT=systemd-journald.service
When I apply something like -after I dump results into a .txt-
egrep -in -o --color '_SYSTEMD_UNIT=[^\n]*' /JOURNALD/verbose.txt
It returns;
_SYSTEMD_UNIT=systemd-jour
Instead of;
_SYSTEMD_UNIT=systemd-journald.service
I believe I am absolutely missing a fundamental point. However, I was unable to find it up until now. Do not hesitate to share your ideas.
\n in your regular expression doesn't match newlines; it's matching the "n" in "journald." ([^\n] is matching anything but a literal \ or n character here.) You should instead use .*$, which matches any sequence of characters up to the end of the line:
egrep -in -o --color '_SYSTEMD_UNIT=.*$' /JOURNALD/verbose.txt