在Linux中的最近修改的文件中查找包含字符串的文件
我试图找到哪个文件包含我正在使用的服务器中的特定字符串。我尝试使用grep -rnw,但是服务器很巨大,可能需要几天的时间才能完成。 我不知道文件的位置或命名方式。我唯一知道的是几乎每天都会修改它(如果有的话,不知道确切的时间或频率)。
一种方法是列出过去2天内已修改的系统的每个文件,并将GREP搜索应用于这些文件,但我不知道该如何实现。
I am trying to find which file contains a specific string in a server I'm working on. I tried with grep -rnw but the server is immense and it would take probably days to complete.
I have no idea of where the file can be located nor how it is named. The only thing I know is that it is modified nearly every day (don't know the exact time or the frequency if there is any).
An approach would be to list every files of the system that have been modified within the past 2 days, and apply the grep search to these files, but I don't know how to achieve this.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
您确实可以使用
查找< / code>来过滤最近修改的文件,而仅对这些文件进行过滤:find / -type f -mtime -2 -exec grep -h -n“您的搜索查询”'{ }'\;-type f仅匹配常规文件-mtime -2匹配过去2天修改的文件(也许会增加此信息,以防万一)-exec 的所有匹配中执行以下命令匹配的行号You can indeed use
findto filter for recently modified files and only grep over those:find / -type f -mtime -2 -exec grep -H -n "your search query" '{}' \;-type fonly matches regular files-mtime -2matches files modified in the last 2 days (maybe increase this just in case)-execexecutes the following command on all matches offind-Htells grep to print the filenames alongside the matching line-nprints the matched line number到目前为止,您的其他答案都建议使用
查找's-exec功能,以运行已确定的每个候选文件的grep命令。这是可行的,但是启动数百或数千个单独的grep命令是昂贵的。将与XARGS组合将的组合起来更有效,将单独的grep命令的数量减少到最低:xargs将从其标准输入中读取的文件名为“grep”命令的形式参数列表开始,从而大大减少了单独的grep命令的数量。还请注意:
提供的扩展名和gnuXARGS。从示例命令中删除两个0s可以解决该问题,但请您访问涉及包含newlines的文件名的问题。-f选项将使grep在您描述的情况下,搜索词是固定字符串的情况。它还将保护您免受搜索词的可能性,如果它包含任何正则元视频器。查找可以使用各种其他信息,以更具选择性,以将哪些文件传递给GREP,如果您可以筹集任何此类详细信息。例如,如果您可以确定哪个用户将拥有该文件或有关其模式的任何内容(权限),或者在文件大小上的下限或上限。另外,如果您可以将搜索限制在整个文件系统的范围内,那么当然也可以改善经过的时间。Your other answers so far all suggest using
find's-execfeature to run agrepcommand for each candidate file identified. That's viable, but launching hundreds or thousands of separategrepcommands would be costly. It would be more efficient to combinefindwithxargsto reduce the number of separategrepcommands to a minimum:xargswill group the file names read from its standard input to form argument lists forgrepcommands starting with the given words, yielding a huge reduction in the number of separategrepcommands.Note also that:
findand GNUxargs. Removing the two0s from the example command would fix that, but leave you open to issues involving file names containing newlines.-Foption, as shown, will makegrepslightly more efficient for the case you describe, where the search term is a fixed string. It will also protect you against the possibility of the search term being misinterpreted in the event that it contains any regex metacharacters.findcan use all sorts of additional information to be more selective about which files are passed on togrep, if you can glean any such details. For example, if you can determine what user will own the file, or anything about its mode (permissions), or a lower or upper bound on the file size. Also, if you can limit the search to less than the whole filesystem then of course that will improve the elapsed time, too.一些说明:
-mtime -2:获取最近两天已修改的文件(您可以根据需要修改值grep“ abc”:字符串您正在寻找-exec do_something {} \;:这是通过搜索结果执行“ do_something”的方法(称为{})- ls:将其添加到您的查找命令中,可以根据您的意愿省略该文件。Some explanation:
-mtime -2: take the files, which have been modified the last two days (you might modify the value as you wishgrep "ABC": the string you're looking for-exec do_something {} \;: this is the way to execute "do_something" with your search result (known as{})-ls: adding this to yourfindcommand gives the complete information on the file you have found. This can be omitted as you wish尝试使用:
Try using: