----

log file administration

RHEL 5: syslogd -  /etc/syslog.conf RHEL 6: rsyslogd - /etc/rsyslog.conf

Find text in files using the Linux grep command

grep -R "content_to_search" /path/to/directory

Task: Only display filenames

# find . -type f -size -1M

# find . -type f -size +1M          search for files with size greater than 1MB, then you need to use the plus +

# find . -type f -size +1M -size 21M    search for files within a size range. The following command will find all files between 1 and 2MB:

NOTE : egrep -v '^#|^$' will hide the lines starting with # and all blank lines.

 # egrep -v '^#|^$' /etc/squid/squid.conf

grep all your logs for the error:

# egrep -r '(error|fatal|panic):' /var/log

# egrep -r '(NOQUEUE|reject|deferred):' /var/log/maillog             #[ Mail LOG]

Command to view the files older than X days

$ find . -mtime +180 -print

$ find /to/your/directory -mtime +180 -print

To see all the mp4 and mov files that start with either “foo” or “bar”:

$ ls +(foo|bar)*+(.mp4|.mov)

To list all the files except ones matching *.mp4:

$ ls -l !(*.mp4)

OR delete all the files except ones matching *.gif files:

$ rm -v !(*.gif)

File Remove Spacific Time

rm -rf 2012-01-*

only remove files from 2020, and only 2020,[Delete all files created in specific year

find /home/info/Maildir/cur/* -type f -newermt 2020-01-01 \! -newermt 2021-01-01 -exec rm -fv \{\} \;

find /path/to/files -type f -newermt 2017-01-01 \! -newermt 2018-01-01 -exec rm -fv '{}' +

find /path/to/files -type f -newermt 2017-01-01 \! -newermt 2018-01-01 -delete;

Note that using:

Code:

find /path/to/files -type f -newermt 2017-01-01 \! -newermt 2018-01-01 -exec rm -fv \{\} \;

will invoke the rm utility once for each of the 200K files you want to remove. That is always going to be relatively slow. If you change that command to:

Code:

find /path/to/files -type f -newermt 2017-01-01 \! -newermt 2018-01-01 -exec rm -fv '{}' +

then the find utility will group together a large number of files to be processed by each invocation of the rm utility and run considerably faster.

And, as stated before but not told how, don't use rm live until you have verified that find is correctly selecting the files you want to process. I would suggest using:

Code:

find /path/to/files -type f -newermt 2017-01-01 \! -newermt 2018-01-01 -exec echo rm -fv '{}' +

first, and, if that produces commands that have correctly identified the files you want to remove, rerun the command without the echo.

# Remove older then 1 hour:

find /oracle/greporadb/admin/greporadb/adump -name "*.aud" -cmin +60 -exec rm {} \;

are older than 15 minutes:

find . -name "access*.log" -type f -mmin +15 -delete

delete messages from .maildir/cur/ with custom subject [sub: lfd on mail]

# egrep -R -l "lfd on mail" | xargs rm -f

Script to clean up old Trash, Junk and Spam mail.

#!/bin/bash MAILDIRS=$(find /var/vmail/*/*/Maildir/ -maxdepth 0 -type d) for basedir in $MAILDIRS; do   for dir in .Trash .Junk .Spam .Low\ Priority; do     for dir2 in cur new; do       [ -e "$basedir/$dir/$dir2" ] && (         echo "Processing $basedir/$dir/$dir2..."         find "$basedir/$dir/$dir2/" -type f -mtime +30 -delete       )     done   done done 

  OR--- remove 30 day old mail

# find /var/vmail/*/*/.Maildir/cur/ -mtime +30 -exec rm {} \;

# find /home/vmail/*/*/.Maildir/cur/* -mtime +60 -exec rm {} \;          [-- Best---]

# find /home/vmail/*/*/cur/* -mtime +60 -exec rm {} \; \

# find /home/vmail/*/*/new/* -mtime +60 -exec rm {} \; \ 

# find /home/accesstel/Maildir/cur/* -mtime +60 -exec rm {} \;          [-- Best---]

 Delete files in a directory on CentOS 7 that are older than one year (365 days),

 cd /path/to/your/directory

find . -type f -mtime +180 -exec rm -f {} \;

find /path/to/your/directory -type f -mtime +365 -exec rm -f {} \;

PostfixAdmin

#  find /home/vmail/worldcm.net/u1@worldcm.net/cur/* -mtime +60 -exec rm {} \;              [inbox]

#  find /home/vmail/worldcm.net/u1@worldcm.net/new/* -mtime +60 -exec rm {} \;

#  find /home/vmail/worldcm.net/u1@worldcm.net/.Sent/cur/* -mtime +60 -exec rm {} \;          [sent]  

#  find /home/vmail/worldcm.net/u1@worldcm.net/.Sent/new/* -mtime +60 -exec rm {} \;

 Remove files older then 30 mins 

# cd /home/accesstel/Maildir/cur/

 find . -mtime +30 | xargs rm -Rf            [-- Best---]  

 find ./ -exec rm -rf {} \;      [-- Best---Argument list too long]

Delete All Files in a Directory Except One or Few Files with Extensions

rm -v !("filename1"|"filename2") 

rm -i !(*.zip)

rm -v !(*.zip|*.odt)

The following command will delete all files apart from .gz files in the current directory:

 # find . -type f -not -name '*.gz'-delete    [ All delete apcept .gz file]

#  find . -type f -not \(-name '*gz' -or -name '*odt' -or -name '*.jpg' \) -delete

# find /var/log/ -type f -name '*.gz' -execdir rm -- '{}' +   [Delete all .gz file - apcept all]

find / -type f -name '*.gz' -execdir rm -- '{}' + 

find . -type f -name '*.gz' -execdir rm -- '{}' +

Delete Files with Specific Extension

Instead of deleting all files, you can also add more filters to find command. For example, you only need to delete files with “.log” extension and modified before 30 days.

For the safe side, first do a dry run and list files matching the criteria.

find /var/log -name "*.log" -type f -mtime +30

Once the list is verified, delete those file by running the following command:

find /var/log -name "*.log" -type f -mtime +30 -exec rm -f {} \;

Delete Files Older Than x Days on Linux

Last 10 day mail 

   find /home/outmail/Maildir/cur/ -type f -mtime +10 | xargs rm -f

Or,

  find /home/outmail/Maildir/cur/ -mtime +10 -exec rm -f {} \;

Or,

  find /home/outmail/Maildir/cur/ -mtime +20 -delete;

[ -mtime, is used to specify the number of days old that the file is. If you enter +60, it will find files older than 60 days.]

# find /home/accesstel/Maildir/cur/* -mtime +60 -exec rm {} \;          [-- Best---]

# find /home/accesstel/Maildir/cur/ -mtime +60 -type f -delete

 #    find /u01/app/oracle/diag/rdbms/TEST/TEST/trace/*.trc +30 -exec /bin/rm -rf {} \;

#    find ./ -name '*.log' -mtime +30 -exec rm {} \; 

#    find /var/log/httpd/ -type f -name '*.log' -mtime +30 -exec rm {} \;

To delete all files and directories within the current directory - 30 Days OLD-- * if [ -bash: /usr/bin/find: Argument list too long]

# cd /home/accesstel/Maildir/cur/

 find . -mtime +30 | xargs rm -Rf            [-- Best---]                

 find . -mtime +30 -exec rm -Rf -- {} \;

 find . -mindepth 1 -mtime +30 -delete

find . -mtime +3 | xargs rm -Rf

find . -mtime +3 -exec rm -Rf -- {} \;

Delete everything in your current working directory older than 180 days

$ find . -mtime +180 -delete; $ find . -mtime +180 -exec rm -f {} \;

In order to overcome such scenario you can use the below command's

# find /var/log/httpd/i -type f -name '*.log' -mtime +10 -exec ls -ltr {} \;

This command will ensure that all the arguments are passed properly and those files are lsted with last access time

Command to remove the files accessed before 10 days

# find /var/log/httpd/ -type f -name '*.log' -mtime +10 -exec rm {} \;

Example: delete files older than one year

find /path/to/source  -mtime +365 -exec rm {} \;

Example: move files older than one year.

find /path/to/source -mtime +365 -exec mv {} /path/to/destination/ \;

Example: find files which file name starts ABC and older than 30 days and move.

find . -name "ABC*.csv" -mtime +30 -exec mv {} /path/to/destination/  \;

 # find ./ -name '*.log' -mtime +10 -exec rm {} \;

 # find /var/log/httpd/ -type f -name '*.log' -mtime +10 -exec ls -ltr {} \;

 # find /var/log/httpd/ -type f -name '*.log' -mtime +10 -exec rm {} \;

Remove files older than x days like this

# find /path/* -mtime +x -exec rm {} \;

Delete files older than 30 days in Linux

# find <folder_path to delete the old files> -type f -mtime +30 | xargs rm -f

# find <folder_path to delete the old files> -type f -mtime +30 -exec rm -f \;

# find /path/to/files* -mtime +30 -exec rm {} 

# find /path/to/files* -mtime +30 -exec rm {} \;

# find /home/sk/Downloads -mtime +30 -exec rm -f {} \;

# find /home/sk/Downloads -mtime +30 -delete;

Find Specific Files and Delete

Find all .mp3 files with more than 10MB and delete them using one single command.

# find / -type f -name *.mp3 -size +10M -exec rm {} \;

 cd /home/someuser/.Maildir

cleanup-maildir --age=30 archive 'Sent Items'

cleanup-maildir --age=60 delete ''

/home/someuser/.Maildir

SEARCHING AND FILE OPERATIONS IN LINUX

TOP 10 largest file

# find /var -type f -ls | sort -k 7 -r -n | head -10

FIND FILES MORE THAN 5Gb

# find /var/log/ -type f -size +5120M -exec ls -lh {} \;

Find all temp files older than a month and delete:

# find /usr/home/admin/Maildir/new -mtime +30-type f | xargs /bin/rm -f

# find /usr/local/apache -mtime +30-type f | xargs /bin/rm -f

# find /usr/home/admin/Maildir/new -mtime +30-type f | xargs /bin/rm -f

# find /usr/local/apache* -type f -mtime +30 -exec rm ‘{}’ ‘+’

# find /home/ksucre/Maildir/new/ -mtime +50-type f | xargs /bin/rm -f

# find /usr -size +5000M

To find files older than, for example, 10 days.

# find /home/user1/Maildir/new -mtime +10

Find files older than, say, 30 minutes:

# find /tmp -mmin +30

Move command

Combine commands: scripts .sh

wo command to archive the images older than 10 days and delete them from the archive folder if they are older then 30 days.

We are going to create a shell script that will do that and we can run it with a crontab.

This command should work on most of the Linux distributions.

 Delete All the Files on a Particular Date

#  rm `ls -ltr|/usr/xpg4/bin/grep -E ‘Oct 20|Oct 23’|awk {‘print $9’}`

                           ----------------------------------X--------------------------------------------

Removing Directories with find

find is a command-line utility that allows you to search for files and directories based on a given expression and perform an action on each matched file or directory.

The most common scenario is to use the find command to delete directories based on a pattern. For example, to delete all directories that end with _cache in the current working directory, you would run:

find . -type d -name '*_cache' -exec rm -r {} +

Let’s analyze the command above:

• • /dir - recursively search in the current working directory (.).

  • -type d - restricts the search to directories.

  • -name '*_cache' - search only directories that end with _cache

  • -exec - executes an external command with optional arguments, in this case, that is rm -r.

  • {} + - appends the found files to the end of the rm command.

Removing all empty directories

To remove all empty directories in a directory tree you would run:

find /dir -type d -empty -delete

Here is an explanation for the options used:

• • /dir - recursively search in the /dir directory.

  • -type d - restricts the search to directories.

  • -empty - restricts the search only to empty directories.

  • -delete - deletes all found empty directories in the subtree. -delete can delete only empty directories.

Use the -delete option with extreme caution. The find command line is evaluated as an expression, and if you add the -delete option first, the command will delete everything below the starting points you specified.

Always test the command first without the -delete option and use -delete as the last option.

/bin/rm: Argument list too long

This error message appears when you use the rm command to remove a directory that contains a huge number of files. This happens because the number of files is larger than the system limit on the size of the command line argument.

There are several different solutions to this problem. For example, you can cd to the directory and manually or using a loop to remove sub-directories one by one.

The easiest solution is first to delete all files within the directory with the find command and then delete the directory:

find /dir -type f -delete && rm -r /dir

---