Essential Linux Command-Line Tricks for Sysadmins: Find, Sed, iptables, and More
This article compiles practical Linux shell commands and scripts for tasks such as locating and moving files, batch unzipping, powerful sed edits, directory checks, disk usage monitoring with email alerts, log analysis, firewall configuration, and network diagnostics, all aimed at streamlining system administration.
This guide presents a curated collection of Linux command‑line snippets and small scripts that address common sysadmin tasks.
1. Find and move all *.tar files
find . -name "*.tar" -exec mv {} ./backup/ \;
The find command searches for files ending with .tar, and -exec moves each result to the ./backup/ directory.
2. Batch unzip all *.zip files
for i in $(find . -name "*.zip" -type f)
do
    # -d takes the target directory; the archive name comes last
    unzip -d /data/www/img/ "$i"
done
This loop locates every .zip file and extracts its contents into /data/www/img/.
3. Frequently used sed commands (example file: test.txt)
sed -i 's/^\.//g' test.txt # remove leading dot (edits the file in place)
sed 's/^/a/g' test.txt # prepend "a" to each line
sed 's/$/a/' test.txt # append "a" to each line
sed '/wuguangke/a c/' test.txt # add a line "c/" after each matching line
sed '/wuguangke/i c/' test.txt # add a line "c/" before each matching line
Refer to the sed documentation for additional patterns.
4. Test if a directory exists, create if missing
if [ ! -d /data/backup/ ]; then
    mkdir -p /data/backup/
else
    echo "The Directory already exists, please exit"
fi
The if … then … else … fi construct checks whether the directory exists with the -d test.
5. Monitor root partition usage and email alert when ≥90%
Print usage percentage:
df -h | sed -n '/\/$/p' | awk '{print $5}' | awk -F '%' '{print $1}'
Loop that checks every 5 minutes and sends an email if usage is 90% or higher:
while sleep 5m
do
    for i in `df -h | sed -n '/\/$/p' | awk '{print $5}' | sed 's/%//g'`
    do
        echo "$i"
        if [ "$i" -ge 90 ]; then
            # the recipient address is obscured in the source
            echo "More than 90% Linux disk space, please check!" \
                | mail -s "Warn Linux Disk ${i}%" [email protected]
        fi
    done
done
6. Top 20 IP addresses in Nginx access log
cat access.log | awk '{print $1}' | sort | uniq -c | sort -nr | head -20
7. Disable SELinux enforcing mode via sed
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
The change to /etc/selinux/config takes effect at the next reboot.
8. Replace /tmp with /tmp/abc/ in a file
sed -i 's:/tmp:/tmp/abc/:g' test.txt
9. Print maximum and minimum values from a file
# put each space-separated value on its own line (GNU sed), sort descending,
# then print the first line (maximum) and the last line (minimum)
sed 's/ /\n/g' a.txt | sort -nr | sed -n '1p;$p'
10. Retrieve Cacti data using SNMP v2c
snmpwalk -v2c -c public 192.168.0.241
11. Replace jk at the end of a line with yz
sed -e 's/jk$/yz/g' b.txt
12. Capture network packets with tcpdump
tcpdump -nn host 192.168.56.7 and port 80
# Exclude a host
tcpdump -nn host 192.168.56.7 and not host 192.168.0.22 and port 80
13. Configure H3C SNMP community name
snmp-agent sys-info version v1 v2c
snmp-agent community read public
14. Show the 20 most frequently used commands
cat .bash_history | grep -v '^#' | awk '{print $1}' | sort | uniq -c | sort -nr | head -20
15. Delete *.log files older than 3 days
find . -type f -mtime +3 -name "*.log" -print0 | xargs -0 rm -f
16. Move files larger than 100 KB to /tmp
find . -type f -size +100k -exec mv {} /tmp \;
17. Simple firewall script allowing only remote access to port 80
iptables -F
iptables -X
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
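iptables -A INPUT -p tcp -j REJECT
The last rule rejects every other inbound TCP packet, including SSH on port 22 and replies to connections the host itself opens, so apply the script from a console session.
Alternative single rule:
iptables -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
18. Nginx log IP ranking (top 10)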
cd /home/logs/nginx/default
sort -m -k4 -o access.logok access.1 access.2 access.3 ...
cat access.logok | awk '{print $1}' | sort -n | uniq -c | sort -nr | head -10
19. Replace directory path in a file using sed
sed 's:/usr/local:/tmp:g' test.txt
# or in‑place edit
sed -i 's:/usr/local:/tmp:g' test.txt
These snippets provide quick, reusable solutions for everyday Linux system administration.
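A more robust take on the disk check in item 5, as an added example that is not part of the original article: it parses `df -P` output (one line per filesystem) and mails only when usage first crosses the threshold rather than on every pass. The function names, THRESHOLD, STATE_FILE and the sample df output are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the article. Names below are this example's own.
THRESHOLD=${THRESHOLD:-90}
STATE_FILE=${STATE_FILE:-/run/disk_alert.state}   # root-only dir, not /tmp

# Constructed sample of `df -P` output, used for the demo line at the bottom.
SAMPLE_DF='Filesystem 1024-blocks Used Available Capacity Mounted on
/dev/mapper/vg0-root 51474912 47356920 1480168 97% /
tmpfs 8123456 0 8123456 0% /dev/shm
/dev/sda1 1038336 215040 823296 21% /boot'

# Read `df -P` output on stdin; print Use% (digits only) for mount point $1.
# -P keeps each filesystem on one line, so a long device name cannot wrap
# and shift the columns as it can with plain `df -h`.
usage_pct() {
    awk -v mp="$1" 'NR > 1 && $NF == mp { sub(/%/, "", $(NF-1)); print $(NF-1) }'
}

# Map a usage value to an action: alert, suppress, clear, ok (or error).
# "alert" is returned only on the transition into the over-threshold state,
# so a full disk sends one mail instead of one every five minutes.
decide() {
    case $1 in ''|*[!0-9]*) echo error; return 1 ;; esac
    if [ "$1" -ge "$THRESHOLD" ]; then
        if [ -e "$STATE_FILE" ]; then echo suppress
        else touch "$STATE_FILE"; echo alert; fi
    elif [ -e "$STATE_FILE" ]; then
        rm -f "$STATE_FILE"; echo clear
    else
        echo ok
    fi
}

# One pass for the root partition; $1 is the recipient address.
# Run it as: while sleep 5m; do monitor_once "$ADDR"; done
monitor_once() (
    pct=$(df -P / | usage_pct /)
    action=$(decide "$pct") || exit 1
    if [ "$action" = alert ]; then
        echo "Root partition at ${pct}%, please check!" |
            mail -s "Warn Linux Disk ${pct}%" "$1"
    fi
)

# Demo on the constructed sample (prints 97); no mail is sent here.
printf '%s\n' "$SAMPLE_DF" | usage_pct /
```

The state file is removed when usage drops back under the threshold, so the next crossing sends a fresh alert.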
Liangxu Linux
Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)
