sunhux

Shell script / command to find files modified last 1470 mins of 1byte-20M of certain attributes

I'll need a Shell (Bash) script (rather an exact command) that outputs

a)  files' name in the Solaris system, one file per line in the UNIX systems
b) that were modified/created the last 1470 minutes
c) exclude FIFO files, symbolic links, sockets (ie *.sock)
d) names of files of between 1 byte to 20MB in size
e) files in /dev, /devices, /kernel, /cdrom, /platform, /proc, /net
f) files mounted on NFS

I have about 1 million files, so I'm hoping the command/script that outputs
the file can complete in 30 mins, so it may need efficient coding.


I need to amend the following script to read (ie for AV to scan) the above output file:

#!/bin/bash
LOGFILE="/var/log/clamav/`hostname`-$(date +'%Y-%m-%d').log";
## suggest to change dirs below to root but exclude databases
DIRTOSCAN="/var /opt /home /etc /tmp /export";

for S in ${DIRTOSCAN}; do
DIRSIZE=$(du -sh "$S" |grep -v "/proc" |grep -v "/dev" |grep -v ...  /2>/dev/null | cut -f1);
## add to grep -v for any other file types to exclude

echo "Starting a daily scan of "$S" directory.
Amount of data to be scanned is "$DIRSIZE".";

clamscan -ri "$S" >> "$LOGFILE";
done
Last Comment
noci

8/22/2022 - Mon
sunhux

ASKER
Correction for
f) files mounted on NFS
     should read
f) files not mounted under NFS
sunhux

ASKER
One more amendment for item f:

f) files not mounted under NFS  & exclude raw partitions
sunhux

ASKER
Thanks, can you include options c & d ?
noci

option c is done: (-type f)
option d: -size +1 -size -20M and combined:

(-a is assumed unless -o is given...)

find / /home /var /opt  -type  f  -mount -mtime -1470 -size +1 -size -20M -print

sunhux

ASKER
so to exclude NFS, it will be:
  -fstype !nfs
noci

(use ' or " around !nfs to explicitly prevent replacement).
sunhux

ASKER
Due to strict change control, don't plan to install GNU find.

so if I use   -mtime,  it will be
-mtime 25   (for files both created as well as modified last 25 hrs ??)

Does -mtime support fraction ie  -mtime 24.5   (for the last 24.5 hrs??)
sunhux

ASKER
I don't have access to a Solaris server (I'm guiding my Solaris
admin, as I'm a compliance person).

  Lastly to incorporate item e,  I'll just append with grep -v ie
clamscan -ri `find / -type  f  -mount -mtime -25 -size +1 -size -20M -print |grep -v /dev |grep -v /kern |grep -v /proc |grep -v /net 2>/dev/null`

or the script runs faster if it's done as below:
for S in ${DIRTOSCAN}; do
DIRSIZE=$(find / -type  f  -mount -mtime -25 -size +1 -size -20M -print |grep -v /dev |grep -v /kern |grep -v /proc |grep -v /net 2>/dev/null);
echo "Starting a daily scan of "$S" directory.";
clamscan -ri "$S" >> "$LOGFILE";
done
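An added example, not part of the original thread and not any poster's code: one way to build the scan list for items a) to f) with POSIX find primaries only (no GNU find) and pass it to clamscan through its `--file-list` option. The function names are hypothetical, and it assumes perl is installed for the 1470-minute reference timestamp, that `/var/log/clamav` is writable only by the scanning account, and that "20MB" means 20 MiB.

```shell
#!/bin/bash
# Added example, not from the thread. Uses only POSIX find primaries, so no GNU find.

# make_ref MINUTES FILE: create FILE with an mtime MINUTES in the past.
# Assumption: perl is installed (used only for the time arithmetic).
make_ref() {
    : > "$2" &&
    perl -e '$t = time - 60 * $ARGV[0]; utime($t, $t, $ARGV[1]) or die "utime: $!\n"' "$1" "$2"
}

# list_recent REF START...: print regular files under each START that are
# newer than REF and between 1 byte and 20 MiB (20971520 bytes) in size.
list_recent() {
    ref=$1; shift
    # -xdev   : do not descend into other mounts (NFS, /proc, ...) below START
    # -type f : regular files only, so FIFOs, sockets, symlinks and devices drop out
    # -size Nc: the c suffix counts bytes; without it the unit is 512-byte blocks
    find "$@" -xdev -type f -newer "$ref" -size +0c -size -20971521c -print
}

# drop_prefixes DIR...: filter stdin, dropping DIR itself and anything below it.
# Matching is anchored at the start of the path, so /export/home/dev/x is
# kept while /dev/x is dropped.
drop_prefixes() {
    while IFS= read -r p; do
        keep=1
        for d in "$@"; do
            case $p in "$d"|"$d"/*) keep=0; break ;; esac
        done
        if [ "$keep" -eq 1 ]; then printf '%s\n' "$p"; fi
    done
}

# Runs only with --scan. WORK is assumed to be writable by the scanning account only.
if [ "${1:-}" = "--scan" ]; then
    WORK=/var/log/clamav
    make_ref 1470 "$WORK/scan.ref" || exit 1
    list_recent "$WORK/scan.ref" / /var /opt /home 2>/dev/null |
        drop_prefixes /dev /devices /kernel /cdrom /platform /proc /net |
        sort -u > "$WORK/scan.list"
    # --file-list reads one path per line, avoiding argument-length limits
    # and word splitting on names that contain spaces.
    clamscan -i --file-list="$WORK/scan.list" >> "$WORK/$(hostname)-$(date +%Y-%m-%d).log"
fi
```

Only local start points should be passed to `list_recent`, since `-xdev` stops at mount points below a start point but does not skip a start point that is itself an NFS mount.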