Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.


Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

UpGuard checks and validates configurations for every major OS, network device, and cloud provider.
Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!
Hide

Top Tags

Hide

Functions

Commands using sort from sorted by
Terminal - Commands using sort - 672 results
find $folder -name "[1-9]*" -type f -print|while read file; do echo $file $(sed -e '/^$/Q;:a;$!N;s/\n //;ta;s/ /_/g;P;D' $file|awk '/^Received:/&&!r{r=$0}/^From:/&&!f{f=$0}r&&f{printf "%s%s",r,f;exit(0)}');done|sort -k 2|uniq -d -f 1
2013-01-21 22:50:51
User: lpb612
Functions: awk echo find read sed sort uniq
2

# find assumes email files start with a number 1-9

# sed joins the lines starting with " " to the previous line

# gawk print the received and from lines

# sort according to the second field (received+from)

# uniq print the duplicated filename

# a message is viewed as duplicate if it is received at the same time as another message, and from the same person.

The command was intended to be run under cron. If run in a terminal, mutt can be used:

mutt -e "push otD~=xq" -f $folder

largest() { dir=${1:-"./"}; count=${2:-"10"}; echo "Getting top $count largest files in $dir"; du -sx "$dir/"* | sort -nk 1 | tail -n $count | cut -f2 | xargs -I file du -shx file; }
2013-01-21 09:45:21
User: jhyland87
Functions: cut du echo file sort tail xargs
1

You can simply run "largest", and list the top 10 files/directories in ./, or you can pass two parameters, the first being the directory, the 2nd being the limit of files to display.

Best off putting this in your bashrc or bash_profile file

history | awk '{if ($2 == "sudo") a[$3]++; else a[$2]++}END{for(i in a){print a[i] " " i}}' | sort -rn | head
2012-12-31 13:45:03
User: JamieKitson
Functions: awk sort
-1

List of commands you use most often suppressing sudo

history | awk '{if ($2 == "sudo") a[$3]++; else a[$2]++}END{for(i in a){print a[i] " " i}}' | sort -rn | head
find . -type d | while read dir ; do num=`ls -l $dir | grep '^-' | wc -l` ; echo "$num $dir" ; done | sort -rnk1 | head
find . -type f -printf "%[email protected] %Tc %p\n" |sort -n |cut -d' ' -f2- |tail -n20
du . | sort -nr | awk '{split("KB MB GB TB", arr); idx=1; while ( $1 > 1024 ) { $1/=1024; idx++} printf "%10.2f",$1; print " " arr[idx] "\t" $2}' | head -25
2012-12-03 02:59:13
User: agas
Functions: awk du head printf sort
0

Lists the size in human readable form and lists the top 25 biggest directories/files

tail -1000 `ls -ltr /var/log/CF* |tail -1|awk '{print $9}'`|cut -d "," -f 17|sort|uniq -c |sort -k2
2012-11-30 16:30:41
User: raindylong
Functions: awk cut sort tail uniq
0

count & sort one field of the log files , such as nginx/apache access log files .

du -hd1 |sort -h
pacman -Qi | grep 'Name\|Size\|Description' | cut -d: -f2 | paste - - - | awk -F'\t' '{ print $2, "\t", $1, "\t", $3 }' | sort -rn
2012-11-20 03:40:55
Functions: awk cut grep paste sort
-1

This, like the other commands listed here, displays installed arch packages. Unlike the other ones this also displays the short description so you can see what that package does without having to go to google. It also shows the largest packages on top. You can optionally pipe this through head to display an arbitrary number of the largest packages installed (e.g. ... | head -30 # for the largest 30 packages installed)

find . -type f |egrep '^./.*\.' |sed -e "s/\(^.*\.\)\(.*$\)/\2/" |sort |uniq
2012-11-12 17:17:55
User: dvst
Functions: egrep find sed sort
0

find files recursively from the current directory, and list the extensions of files uniquely

find . -type f -print | awk -F'.' '{print $NF}' | sort | uniq -c
MP3TAG_DECODE_UTF8=0 mp3info2 -p "%a - %l\n" -R . | sort | uniq
for k in `git branch -r|awk '{print $1}'`;do echo -e `git show --pretty=format:"%Cgreen%ci_%C(blue)%c r_%Cred%cn_%Creset" $k|head -n 1`$k;done|sort -r|awk -F"_" '{printf("%s %17s %-22s %s\n",$1,$2,$3,$4)}'
ls /var/log/sa/sa[0-9]*|xargs -I '{}' sar -u -f {}|awk '/^[0-9]/&&!/^12:00:01|RESTART|CPU/{print "%user: "$4" %system: "$6" %iowait: "$7" %nice: "$5" %idle: "$9}'|sort -nk10|head
for i in $(ps -eo pid|grep -v PID);do echo ""; echo -n "==$i== ";awk '/^read|^write/{ORS=" "; print}' /proc/$i/io 2>/dev/null; echo -n " ==$i=="; done|sort -nrk5|awk '{printf "%s\n%s %s\n%s %s\n%s\n\n",$1,$2,$3,$4,$5,$6}'
find /test -type f -printf "%AY%Aj%AH%AM%AS---%h/%f\n" | sort -n
tshark -qr [cap] -z conv,tcp | awk '{printf("%s:%s:%s\n",$1,$3,$10)}' | awk -F: '{printf("%s %s %s\n",$1,$3,substr($5,1,length($5)-10))}' | sort | uniq -c | sort -nr
ps axo %mem,pid,euser,cmd | sort -nr | head -n 10
du -sm /home/* | sort -n | tail -10
for i in $(seq 1 100 | sort -R); do echo $i; sleep 5; done
2012-09-25 17:47:32
Functions: echo seq sleep sort
3

Random choose numbers from 1 to 100 with 5 seconds interval without duplicates.

find . \( -iname '*.cpp' -o -iname '*.h' \) -exec wc -l {} \; | sort -n | cut --delimiter=. -f 1 | awk '{s+=$1} END {print s}'
2012-09-19 15:21:01
User: jecxjoopenid
Functions: awk cut find sort wc
0

Searches for *.cpp and *.h in directory structure, counts the number of lines for each matching file and adds the counts together.

sudo -s du -sm /Users/* | sort -nr | head -n 10
2012-09-13 10:15:23
User: mematron
Functions: du head sort sudo
1

In OSX you would have to make sure that you "sudo -s" your way to happiness since it will give a few "Permission denied" errors before finally spitting out the results. In OSX the directory structure has to start with the "Users" Directory then it will recursively perform the operation.

Your Lord and master,

Mematron

du -sh /home/*|sort -rh|head -n 10
2012-09-12 11:54:06
User: toaster
Functions: du head sort
0

the -h option of du and sort (on appropriate distrib) makes output "Human" readable and still sorted by "reversed size" (sort -rh)

sudo lastb | awk '{if ($3 ~ /([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}/)a[$3] = a[$3]+1} END {for (i in a){print i " : " a[i]}}' | sort -nk 3
2012-09-11 14:51:10
User: sgowie
Functions: awk lastb sort sudo
1

The lastb command presents you with the history of failed login attempts (stored in /var/log/btmp). The reference file is read/write by root only by default. This can be quite an exhaustive list with lots of bots hammering away at your machine. Sometimes it is more important to see the scale of things, or in this case the volume of failed logins tied to each source IP.

The awk statement determines if the 3rd element is an IP address, and if so increments the running count of failed login attempts associated with it. When done it prints the IP and count.

The sort statement sorts numerically (-n) by column 3 (-k 3), so you can see the most aggressive sources of login attempts. Note that the ':' character is the 2nd column, and that the -n and -k can be combined to -nk.

Please be aware that the btmp file will contain every instance of a failed login unless explicitly rolled over. It should be safe to delete/archive this file after you've processed it.