Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.


Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Universal configuration monitoring and system of record for IT.
Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!
Hide

Top Tags

Hide

Functions

Psst. Open beta.

Wow, didn't really expect you to read this far down. The latest iteration of the site is in open beta. It's a gentle open beta-- not in prime-time just yet. It's being hosted over at UpGuard (link) and you are more than welcome to give it a shot. Couple things:

  • » The open beta is running a copy of the database that will not carry over to the final version. Don't post anything you don't mind losing.
  • » If you wish to use your user account, you will probably need to reset your password.
Your feedback is appreciated via the form on the beta page. Thanks! -Jon & CLFU Team

Commands using tail from sorted by
Terminal - Commands using tail - 244 results
whatinstalled () { local cmdpath=$(realpath -eP $(which -a $1 | grep -E "^/" | tail -n 1) 2>/dev/null) && [ -x "$cmdpath" ] && dpkg -S $cmdpath 2>/dev/null | grep -E ": $cmdpath\$" | cut -d ":" -f 1; }
2016-11-08 16:13:10
User: lordtoran
Functions: cut grep tail which
0

Put this one-line function somewhere in your shell init, re-login and try

whatinstalled <command>

This is an elaborate wrapper around "dpkg -S", with numerous safeguards. Symlinks and command aliases are resolved. If the searched command is not an existing executable file or was installed by some other means than dpkg/apt, nothing is printed to stdout, otherwise the package name.

tail -v -f $(php -i | grep "^[ \t]*error_log" | awk -F"=>" '{ print $2; }' | sed 's/^[ ]*//g')
2016-08-31 12:13:31
User: paulera
Functions: awk grep sed tail
0

Runs "php -i", filter the error_log location, then watches it using "tail"

wget -q -O - http://192.168.0.1/goform/system/GatewaySettings.bin | strings | tail -n 2
2016-05-03 23:03:55
User: paulera
Functions: strings tail wget
3

The router Technicolor TC7200 has an exploit where the file http://192.168.0.1/goform/system/GatewaySettings.bin is open for unauthenticated access. Even though it is binary, the 2 last strings are the username and password for the pages for router management. It can be read using the 'strings' command, 'hexdump -C' or a hexadecimal editor.

(default user/password = admin/admin)

Reveals more configuration, including SSID name and Key for the wifi network:

wget -q -O - http://192.168.0.1/goform/system/GatewaySettings.bin

Hexadecimal dump of the file:

wget -q -O - http://192.168.0.1/goform/system/GatewaySettings.bin | hexdump -C
declare -a array=($(tail -n +2 /proc/net/tcp | cut -d":" -f"3"|cut -d" " -f"1")) && for port in ${array[@]}; do echo $((0x$port)); done
bar() { foo=$(ls -rt|tail -1) && read -ep "cat $foo? <y/n> " a && [[ $a != "n" ]] && eval "cat $foo" ;}
2015-10-21 20:09:33
User: knoppix5
Functions: eval ls read tail
0

This command will display the file, but you can change 'cat' to anything else

(type 'n' when prompted to cancel the command or anything else to proceed).

.

Some hints for newbies:

type

unset bar

to make 'bar' function annihilated.

For permanent usage you can put this (bar) function in your .bashrc (for bash) or in .profile (for sh).

With:

. ~/.bashrc

you can get all new inserted functions in .bashrc (so the function 'bar'

or whatever name you choose) immediately available.

curl -sL http://goo.gl/3sA3iW | head -16 | tail -14
tail -f <file>
2015-06-01 16:55:00
User: adrruiz
Functions: tail
-12

In cases when the user is following a log file that rotates then it is advisable to use the -F option as it keeps following the log even when it is recreated, renamed, or removed as part of log rotation.

To interrupt tail while it is monitoring, break-in with Ctrl+C.

tail -f /var/squid/logs/access.log | perl -pe 's/(\d+)/localtime($1)/e'
tail +### MYFILE
2015-04-23 11:49:15
User: pooderbill
Functions: tail
1

Useful for finding newly added lines to a file, tail + can be used to show only the lines starting at some offset. A syslog scanner would look at the file for the first time, then record the end_of_file record number using wc -l. Later (hours, days), scan only at the lines that were added since the last scan.

git rev-list --all|tail -n1|xargs git show|grep -v diff|head -n1|cut -f1-3 -d' '
git rev-list --all|tail -n1|xargs git show|grep -v diff|head -n1|cut -f1-3 -d' '
nmap -sP 10.0.0.0/8 | grep -v "Host" | tail -n +3 | tr '\n' ' ' | sed 's|Nmap|\nNmap|g' | grep "MAC Address" | cut -d " " -f5,8-15
2014-12-26 18:31:53
User: jaimerosario
Functions: cut grep sed tail tr
0

In the field, I needed to script a process to scan a specific vendor devices in the network. With the help of nmap, I got all the devices of that particular vendor, and started a scripted netcat session to download configuration files from a tftp server.

This is the nmap loop (part of the script). You can however, add another pipe with grep to filter the vendor/manufacturer devices only. If want to check the whole script, check in http://pastebin.com/ju7h4Xf4

tail -f access_log | awk '{print $1 , $12}'
2014-12-24 14:15:52
User: tyzbit
Functions: awk tail
0

Use this command to watch apache access logs in real time to see what pages are getting hit.

(ps -U nms -o pid,nlwp,cmd:500 | sort -n -k2) && (ps -U nms -o nlwp | tail -n +2 | paste -sd+ | bc)
2014-09-30 18:25:56
User: cmullican
Functions: paste ps sort tail
0

I occasionally need to see if a machine is hitting ulimit for threads, and what process is responsible. This gives me the total number, sorted low to high so the worst offender is at the end, then gives me the total number of threads, for convenience.

for file in $(find /var/backup -name "backup*" -type f |sort -r | tail -n +10); do rm -f $file; done ; tar czf /var/backup/backup-system-$(date "+\%Y\%m\%d\%H\%M-\%N").tgz --exclude /home/dummy /etc /home /opt 2>&- && echo "system backup ok"
2014-09-24 14:04:11
User: akiuni
Functions: date echo file find rm sort tail tar
Tags: backup Linux cron
0

this command can be added to crontab so as to execute a nightly backup of directories and store only the 10 last backup files.

tail -1f /var/opt/fds/logs/TraceEventLogFile.txt.0 | grep <msisdn> | tee <test-case-id>.trace | tr '|' '\n'
2014-08-21 19:29:07
User: neomefistox
Functions: grep tail tee tr
0

This command allows to follow up a trace on SDP (CS5.2), at the same time as the trace records are stored in the file with "raw" format.

Trace files in native format are useful to filter the records before to translation from '|' to '\n'.

Example:

grep -v OP_GET <raw-records>.trace | tr '|' '\n'
tail -f FILE | ccze
tail -f LOG_FILE | grep --line-buffered SEARCH_STR | cut -d " " -f 7-
2014-08-07 10:40:45
User: pjsb
Functions: cut grep tail
Tags: grep cut tail -f
0

Outputs / monitors the content of the LOG_FILE , which matches the SEARCH_STR. The output is cutted by spaces (as delimiter) starting from column 7 till the end.

find /var/log -type f -iregex '.*[^\.][^0-9]+$' -not -iregex '.*gz$' 2> /dev/null | xargs tail -n0 -f | ccze -A
2014-07-29 17:11:17
User: rubo77
Functions: find tail xargs
Tags: unix ccze logging
4

This will show all changes in all log files under /var/log/ that are regular files and don't end with `gz` nor with a number

bkname="test"; tobk="*" ; totalsize=$(du -csb $tobk | tail -1 | cut -f1) ; tar cvf - $tobk | tee >(sha512sum > $bkname.sha512) >(tar -tv > $bkname.lst) | mbuffer -m 4G -P 100% | pv -s $totalsize -w 100 | dd of=/dev/nst0 bs=256k
2014-07-22 15:47:50
User: johnr
Functions: cut dd du tail tar tee
0

This will write to TAPE (LTO3-4 in my case) a backup of files/folders. Could be changed to write to DVD/Blueray.

Go to the directory where you want to write the output files : cd /bklogs

Enter a name in bkname="Backup1", enter folders/files in tobk="/home /var/www".

It will create a tar and write it to the tape drive on /dev/nst0.

In the process, it will

1) generate a sha512 sum of the tar to $bkname.sha512; so you can validate that your data is intact

2) generate a filelist of the content of the tar with filesize to $bkname.lst

3) buffer the tar file to prevent shoe-shining the tape (I use 4GB for lto3(80mb/sec), 8gb for lto4 (120mb/sec), 3Tb usb3 disks support those speed, else I use 3x2tb raidz.

4) show buffer in/out speed and used space in the buffer

5) show progress bar with time approximation using pv

ADD :

To eject the tape :

; sleep 75; mt-st -f /dev/nst0 rewoffl

TODO:

1) When using old tapes, if the buffer is full and the drive slows down, it means the tape is old and would need to be replaced instead of wiping it and recycling it for an other backup. Logging where and when it slows down could provide good information on the wear of the tape. I don't know how to get that information from the mbuffer output and to trigger a "This tape slowed down X times at Y1gb, Y2gb, Y3gb down to Zmb/s for a total of 30sec. It would be wise to replace this tape next time you want to write to it."

2) Fix filesize approximation

3) Save all the output to $bkname.log with progress update being new lines. (any one have an idea?)

4) Support spanning on multiple tape.

5) Replace tar format with something else (dar?); looking at xar right now (https://code.google.com/p/xar/), xml metadata could contain per file checksum, compression algorithm (bzip2, xv, gzip), gnupg encryption, thumbnail, videopreview, image EXIF... But that's an other project.

TIP:

1) You can specify the width of the progressbar of pv. If its longer than the terminal, line refresh will be written to new lines. That way you can see if there was speed slowdown during writing.

2) Remove the v in tar argument cvf to prevent listing all files added to the archive.

3) You can get tarsum (http://www.guyrutenberg.com/2009/04/29/tarsum-02-a-read-only-version-of-tarsum/)

and add >(tarsum --checksum sha256 > $bkname_list.sha256) after the tee to generate checksums of individual files !

tail -f *.log | grep --color=always '|==>.+<=='
2014-07-11 07:47:27
User: danimath
Functions: grep tail
Tags: grep tail -f
0

This shows the the filenames of tail output in color. Helpful if you have many log files to tail

echo $(ifconfig) | egrep -o "en.*?inet [^ ]* " | sed 's/.*inet \(.*\)$/\1/' | tail -n +2
find -type f -iregex '.*\.\(mkv\|mp4\|wmv\|flv\|webm\|mov\|dat\|flv\)' -print0 | xargs -0 mplayer -vo dummy -ao dummy -identify 2>/dev/null | perl -nle '/ID_LENGTH=([0-9\.]+)/ && ($t +=$1) && printf "%02d:%02d:%02d\n",$t/3600,$t/60%60,$t%60' | tail -n 1
2014-06-07 15:50:41
User: powerinside
Functions: find perl printf tail xargs
0

Use case insensitive regex to match files ending in popular video format extensions and calculate their total time. (traverses all files recursively starting from the current directory)

getlunid() { lv=$(df -P $1|grep "^/dev/"|awk '{print $1}'|awk -F/ '{print $3}'); hd=$(lslv -l $lv|tail -1|awk '{print $1}');id=$(odmget -q "name like $hd AND attribute=unique_id" CuAt|grep "value ="|awk -F= '{print $2}'|tr -d '"');echo $id;}
2014-04-20 18:43:21
User: bigstupid
Functions: awk df echo grep tail tr
Tags: aix lvm SAN odm
0

For a given filesystem return the LUN ID. Command assumes 1:1 relationship between fs:lv:hdisk:lun which may not be the case in all environments.

echo $(sudo lshw -businfo | grep -B 1 -m 1 $(df "/path/to/file" | tail -1 | awk '{print $1}' | cut -c 6-8) | head -n 1 | awk '{print $1}' | cut -c 5- | tr ":" "-") | sudo tee /sys/bus/usb/drivers/usb/unbind
2014-04-06 12:06:29
User: tweet78
Functions: awk cut df echo grep head sudo tail tee tr
29

You have an external USB drive or key.

Apply this command (using the file path of anything on your device) and it will simulate the unplug of this device.

If you just want the port, just type :

echo $(sudo lshw -businfo | grep -B 1 -m 1 $(df "/path/to/file" | tail -1 | awk '{print $1}' | cut -c 6-8) | head -n 1 | awk '{print $1}' | cut -c 5- | tr ":" "-")