Commands using awk

grep 'HOME.*' data.txt | awk '{print $2}' | awk '{FS="/"}{print $NF}'

OR

awk '/HOME/ {print $2}' data.txt | awk -F'/' '{print $NF}'

In this example, we are having a text file that is having several entries like:

---

c1 c2 c3 c4

this is some data

HOME /dir1/dir2/.../dirN/somefile1.xml

HOME /dir1/dir2/somefile2.xml

some more data

---

for lines starting with HOME, we are extracting the second field that is a 'file path with file name', and from that we need to get the filename only and ignore the slash delimited path.

The output would be:

somefile1.xml

somefile2.xml

(In case you give a -ive - pls give the reasons as well and enlighten the souls :-) )

This command checks for the number of times when someone has tried to login to your server and failed. If there are a lot, then that user is being targeted on your system and you might want to make sure that user either has remote logins disabled, or has a strong password, or both. If your output has an "invalid" line, it is a summary of all logins from users that don't exist on your system.

You can use multiple field separators by separating them with | (=or).

This may be helpful when you want to split a string by two separators for example.

#echo "one=two three" | awk -F "=| " {'print $1, $3'}

one three

This command kills all processes with 'SomeCommand' in the process name. There are other more elegant ways to extract the process names from ps but they are hard to remember and not portable across platforms. Use this command with caution as you could accidentally kill other matching processes!

xargs is particularly handy in this case because it makes it easy to feed the process IDs to kill and it also ensures that you don't try to feed too many PIDs to kill at once and overflow the command-line buffer.

Note that if you are attempting to kill many thousands of runaway processes at once you should use 'kill -9'. Otherwise the system will try to bring each process into memory before killing it and you could run out of memory. Typically when you want to kill many processes at once it is because you are already in a low memory situation so if you don't 'kill -9' you will make things worse

On the Mac, the format ifconfig puts out is little different from Linux: the IP address is space separated, instead of colon. That makes parsing the IP address easier. See releated command for Linux/Unix:

http://www.commandlinefu.com/commands/view/651/getting-the-ip-address-of-eth0

This command will list a CSV list of infected files detected by clamav through squidclamav redirector.

Parses tektronic given csv files for both channel 1 and channel 2 and joins them together. Can be easily used by gnuplot after that.

Useful in scripts while you just need an IP address in a variable.

I use this on debian testing, works like the other sorted du variants, but i like small numbers and suffixes :)

kills all pids matching the search term of "PROCESS". Be careful what you wish for :)

Ran as the postgres user, dumps each database individually. It dumps with the create statements as well, so you can just 'zcat $x-nightly.dmp.gz | psql' to reimport/recreate a database from a backup.

Note that the file at the given path will have the contents of the (still) deleted file, but it is a new file with a new node number; in other words, this restores the data, but it does not actually "undelete" the old file.

I posted a function declaration encapsulating this functionality to http://www.reddit.com/r/programming/comments/7yx6f/how_to_undelete_any_open_deleted_file_in_linux/c07sqwe (please excuse the crap formatting).

This finds a process id by name, but without the extra grep that you usually see. Remember, awk can grep too!

I think I could cut down the number of pipes here, any suggestions?

This is a nice way to kill processes.. the example here is for firefox!!! substitute firefox for whatever the process name is...

Ever logged into a *nix box and needed to know which webserver is running and where all the current access_log files are? Run this one liner to find out. Works for Apache or Lighttpd as long as CustomLog name is somewhat standard. HINT: works great as input into for loop, like this:

Very useful for triage on unfamiliar servers!

convenience.

Useful to check DDoS attacks on servers.

This command takes the output of the 'last' command, removes empty lines, gets just the first field ($USERNAME), sort the $USERNAMES in reverse order and then gives a summary count of unique matches.

Sometimes, in a shell script, you need a random number bigger than the range of $RANDOM. This will print a random number made of four hex values extracted from /dev/urandom.