How to display features of a sepecific type of file in a linux server

songur 2022-04-12 19:15:20 UTC #1

Hi everyone, I am frasturated from searching and decided to ask:

I need to find a specific type of file in every path of a server includes accessed time,pathnames,version etc.

I did it in linux by patch but it need at least 3 script and analysis.

Colud you please help me how to do it.

for example how to find versions,pathnames,size,modification time of all *.txt files in a linux server in one analysis

JasonWalker 2022-04-12 20:00:41 UTC #2

Linux files don’t have “version” metadata. Especially not .txt files.

Retrieving every text file on a machine is likely to have a massive set of mostly useless results, which can lead to database growth and problems in your infrastructure.

Scanning the hard drive in pure Relevance is likely to keep the client locked up, cause heavy I/O on the hard drive, and make your clients report extremely slowly.

In any case, one should use an Action to retrieve the list of files, and an Analysis to pull details of the files found by the scan. A recent use-case came up with scanning for SpringShell. If your systems have the ‘locate’ command, I’d suggest the technique at 0-day Vulnerability Scan: SpringShell or Spring4Shell . If your machines don’t have ‘locate’, you could use ‘find’ but take care to skip network filesystems and to stagger the scans across machines. You could use the scripts and analysis linked at Spring Framework RCE Vulnerability – Current BigFix Actions as a reference.