Linux: Search for a File on The Entire Server
How do i do a FULL directory search on a Linux box. I want to look at the ENTIRE directory structure for a file. In this example, I am looking for a file by the name of "email_log".
I am currently using:
find / -type f -name "email_log" and I've used sudo find / -type f -name "email_log" too, but when i hit enter, it wants the sudo password, which I enter in and it doesn't find anything. Is my search syntax incorrect?
I am currently using:
find / -type f -name "email_log" and I've used sudo find / -type f -name "email_log" too, but when i hit enter, it wants the sudo password, which I enter in and it doesn't find anything. Is my search syntax incorrect?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
1) Running find / may be required if you aren't running the mlocate facility on your machine. This command can take a long time if you have many files.
Tip: First run nice -19 find / -type f > ~/machine-filelist.txt then grep for your file inside the machine file list.
2) Running locate produces near instant returns, most of the time. This command runs much faster than find, because indexes are used for lookup.
So... if you're running mlocate, follow noci's locate suggestion. If not, follow Dr. Klahn's suggestion of running find. If you have 1,000,000s of small files on your machine (like IMAP directories) follow my suggestion of creating a machine wide file list first, followed by grep commands against the file list.
Tip: First run nice -19 find / -type f > ~/machine-filelist.txt then grep for your file inside the machine file list.
2) Running locate produces near instant returns, most of the time. This command runs much faster than find, because indexes are used for lookup.
So... if you're running mlocate, follow noci's locate suggestion. If not, follow Dr. Klahn's suggestion of running find. If you have 1,000,000s of small files on your machine (like IMAP directories) follow my suggestion of creating a machine wide file list first, followed by grep commands against the file list.
There is nothing wrong with your syntax
-type f looking for regular file, is email_log a regular file? you can drop the -type f option it will just increase the time for the search
the simpler thing is what process is this log attached to? Check the configuration of that and it will tell you where the log file is.
Your issue is two fold.
You think that is the name of the file, but your results reflects that it is not the case.
in years of managing mail server, I do not believe email_log is ..
Seems as though this is supposed to be a processing data repository where you have a process that "processes" mail server logs and builds up a list.
Possible log rotation gone wrong where the file was rotated out, but the service not reloaded/hupped to have it detached from the old to the new.
Instead of starting from the end, I would start from the beginning.
1) what is the source of this file
2) what creates this file
3)what updates this file
4) what manages the space consumed by this file such that it does not empty the available storage space
5) somewhere within the answers to these question you will see the configured path where the file should be and make sure the option is not commented out such that the file is no longer being created/updated.
-type f looking for regular file, is email_log a regular file? you can drop the -type f option it will just increase the time for the search
the simpler thing is what process is this log attached to? Check the configuration of that and it will tell you where the log file is.
Your issue is two fold.
You think that is the name of the file, but your results reflects that it is not the case.
in years of managing mail server, I do not believe email_log is ..
Seems as though this is supposed to be a processing data repository where you have a process that "processes" mail server logs and builds up a list.
Possible log rotation gone wrong where the file was rotated out, but the service not reloaded/hupped to have it detached from the old to the new.
Instead of starting from the end, I would start from the beginning.
1) what is the source of this file
2) what creates this file
3)what updates this file
4) what manages the space consumed by this file such that it does not empty the available storage space
5) somewhere within the answers to these question you will see the configured path where the file should be and make sure the option is not commented out such that the file is no longer being created/updated.
You might try "iname" instead of "name" in the find command. iname is somewhat more relaxed.
"Search from the root for files matching this regex."
note: Unless the searched file is a specific single file name, find regexes can get to be confusing with escapes and double-escapes to avoid shell substitutions.
find is standard in most linux distributions.