How to regex strace process?

Question

I'm trying to strace a multithereaded process with this command:

sudo strace -p1523 -e write -f

But it outputs a lot of unnecessary information example:

[pid  1166] write(6, "\26\3\1\2\0\1\0\1\374\3\3\247\321\336S\265c\321]\322\276\273\361]\24\313e\341c2a\334"..., 517) = 517
[pid  1166] write(6, "\26\3\3\0F\20\0\0BA\4\223\26\337\256\244\3429\306p\216\3231Zt\346xhi\343\261\215"..., 126) = 126
[pid  1166] write(6, "\27\3\3\1\230D\374\356\350\233O\305K\246\331`\311\300\265y\215\225\201\33\364\335\336\336\231\311z\355"..., 413) = 413
[pid  1166] write(6, "\25\3\3\0\32D\374\356\350\233O\305L\357\313\226\302$U?a\304\250s\264\16)\\\315N\270", 31) = 31
[pid  1166] write(1, "None\n", 5)       = 5

How I could trace only the text in in this regex write\(1, "(.*)", [0-9]*\) ?

I tried with:

sudo strace -p1157 -e trace=/write\( -f

#output ------------
strace: regcomp: write(: Unmatched ( or \(

#also
sudo strace -p1157 -e trace=/write\(1.*\).* -f
#output ------------
strace: invalid system call '/write(1.*).*'

Are the strace regex different in some way?

Answer 1

Like this:

sudo strace -f -p1523 -e write 2>&1 | grep -o 'write([^)]\+)'

or with bash:

sudo strace -f -p1523 -e write |& grep -o 'write([^)]\+)'

Output

write(6, "\26\3\1\2\0\1\0\1\374\3\3\247\321\336S\265c\321]\322\276\273\361]\24\313e\341c2a\334"..., 517)
write(6, "\26\3\3\0F\20\0\0BA\4\223\26\337\256\244\3429\306p\216\3231Zt\346xhi\343\261\215"..., 126)
write(6, "\27\3\3\1\230D\374\356\350\233O\305K\246\331`\311\300\265y\215\225\201\33\364\335\336\336\231\311z\355"..., 413)
write(6, "\25\3\3\0\32D\374\356\350\233O\305L\357\313\226\302$U?a\304\250s\264\16)
write(1, "None\n", 5)