Essential Linux Command Cheatsheet: Find, Unzip, Sed, Disk Monitoring & More

1. Move all .tar files in the current directory

Locate files ending with .tar and move them to a backup folder.

find . -name "*.tar" -exec mv {} ./backup/ ;

Note: find -name searches by filename; -exec or xargs can act on the results. Common extensions include -mtime for modification time, -type for file type, and -size for size filtering.

2. Batch unzip all .zip files

Iterate over every .zip file and extract it to a target directory.

for i in `find . -name "*.zip" -type f`
do
  unzip -d $i /data/www/img/
 done

Note: The for i in (command); do … done construct runs a loop where i holds each filename.

3. Common sed one‑liners (example file test.txt )

Remove the first character of each line: sed -i 's/^.{1}//' test.txt Prefix each line with a: sed 's/^/a/' test.txt Append a to the end of each line: sed 's/$/a/' test.txt Insert c after a specific line containing wuguangke: sed '/wuguangke/a c' test.txt Prepend c to lines matching a pattern:

sed '/wuguangke/s/^/c/' test.txt

4. Check if a directory exists, create if missing

if [ ! -d /data/backup/ ]; then
  mkdir -p /data/backup/
else
  echo "The Directory already exists, please exit"
fi

5. Monitor root partition usage and email when ≥90%

Print the usage percentage:

df -h | sed -n '/\/$/p' | awk '{print $5}' | awk -F'%' '{print $1}'

Continuously check every 5 minutes and send an alert email if usage exceeds 90%:

while sleep 5m
do
  for i in `df -h | sed -n '/\/$/p' | awk '{print $5}' | sed 's/%//g'`
  do
    echo $i
    if [ $i -ge 90 ]; then
      echo "More than 90% disk space used, please check!" | mail -s "Warn Linux Disk $i%" [email protected]
    fi
  done
done

6. List top 20 IPs from Nginx access log

cat access.log | awk '{print $1}' | sort | uniq -c | sort -nr | head -20

7. Modify SELinux configuration with sed

sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config

8. Print maximum and minimum values from a file

cat a.txt | sort -nr | awk 'NR==1{print}'   # max
cat a.txt | sort -n  | awk 'END{print}'   # min

9. Retrieve SNMP v2c data (Cacti example)

snmpwalk -v2c -c public 192.168.0.241

10. Replace lines ending with jk to yz

sed -e 's/jk$/yz/g' b.txt

11. Capture network traffic with tcpdump

Capture HTTP traffic from a specific host: tcpdump -nn host 192.168.56.7 and port 80 Capture all traffic except a host on port 80:

tcpdump -nn host 192.168.56.7 or ! host 192.168.0.22 and port 80

12. Show the 20 most used shell commands

cat .bash_history | grep -v '^#' | awk '{print $1}' | sort | uniq -c | sort -nr | head -20

13. Delete *.log files older than 3 days

find . -mtime +3 -name "*.log" | xargs rm -rf {} ;

14. Move files larger than 100 KB to /tmp

find . -size +100k -exec mv {} /tmp ;

15. Simple firewall script to allow only remote access to port 80

iptables -F
iptables -X
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -j REJECT

Alternative single‑line rule:

iptables -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT

16. Nginx log aggregation and top 10 IPs

cd /home/logs/nginx/default
sort -m -k4 -o access.logok access.1 access.2 access.3 ...
cat access.logok | awk '{print $1}' | sort -n | uniq -c | sort -nr | head -10

17. Replace directory paths in a file

sed 's:/user/local:/tmp:g' test.txt

Or using in‑place editing:

sed -i 's:/usr/local:/tmp:g' test.txt