Difference between revisions of "Find: 10 Useful Examples of Find"

From Brian Nelson Ramblings
Jump to: navigation, search
(10b) Find files modified between specific days)
(6) Find the top 5 largest files on a clients account)
 
Line 46: Line 46:
  
 
  find /var/www/ -type f -exec ls -s {} \; | sort -n -r | head -5
 
  find /var/www/ -type f -exec ls -s {} \; | sort -n -r | head -5
 +
 +
===6a) Find files larger than 1 GB ===
 +
 +
find /var/www/ -type f -size +1024M -exec ls -lh {} \; | awk '{ print $NF ": " $5 }'
  
 
===7) Find the top 5 smallest files on a clients account===
 
===7) Find the top 5 smallest files on a clients account===

Latest revision as of 01:24, 10 May 2018

Useful Examples of the Find Command

1) Finding Files with a specific name

The basic usage of the find command, Finds all files named wp-config.php. Example, find all the wp-config.php files showing all wordpress installations.

find . -name "wp-config.php"

2) Finding files with specific permissons

When running a webserver, one of the worst things you can have is a file with 777 permissions. Lets use the find command to check for files/directories with the 777 permissions

find /var/www/ -perm 777

3 Executing Commands on the Files Found by the Find Command

This is a command I use all the time, to adjust the permissions on someones web files. First command will find all files and change them to have 664 permissions

find /var/www/ -type f -exec chmod 644 {} \;

Now we will want to change all the Directories to 2755

find /var/www/ -type d -exec chmod 2755 {} \;

Now we can combine them to make them a one liner

find /var/www/ -type f -exec chmod 644 {} \; && find /var/www/ -type d -exec chmod 2755 {} \;

4) Find all empty files (zero byte file)

We have clients that run wget commands in their cron without dumping it into the /dev/null, so this leave zero byte files

find . -empty -exec ls -l {} \;

and now if you want to remove all those files

find . -empty -exec rm {} \;

5) List only the files found within the current directory

This very useful when you only want to find files in the parent directory. Lets find all the php files in a specific directory.

find /var/www/ -maxdepth 1 -type f -iname *.php 

6) Find the top 5 largest files on a clients account

Every now and then a client will get close or go over their quota and you need to find the largest files.

find /var/www/ -type f -exec ls -s {} \; | sort -n -r | head -5

6a) Find files larger than 1 GB

find /var/www/ -type f -size +1024M -exec ls -lh {} \; | awk '{ print $NF ": " $5 }'

7) Find the top 5 smallest files on a clients account

This command is basically the same as the above command just changing the sort order

find /var/www/ -type f -exec ls -s {} \; | sort -n  | head -5

8) Replace the space in pdf files with an underscore

We have clients that sometimes need to remove the space in pdf files and replace them with underscores

find /var/www/ -type f -iname “*.pdf″ -exec rename “s/ /_/g” {} \;

8.a) Convert all files to lower case

I hate files with upper case in them, lets convert all to lower case

find . -depth -exec rename 's/(.*)\/([^\/]*)/$1\/\L$2/' {} \;

9) Find files Changed in the last Hour

When clients get hacked we can run a find command to identify potental files that could have been hacked around that time. Say the files were hacked with in the last hour, we could run:

find /var/www/ -mmin -60

10) Find files Changed in the last (n) Days

Sometimes, you don't notice the hack right away and you need to search all files modified in the 2 days

find /var/www/ -mtime -2
  • tip, you can output them to a text file to provide the client so they can review the files
find /var/www/ -mtime -2 > ~/hacked-files.txt

10a) Find files modified between specific days

Say you know about what day the files were hacked, but files were change over days, you can run

find /var/www/ -type f -mtime -20 ! -mtime -10

That will find the files changed in the 20 days old and 10 days old.