Search for all files owned by a particular user

Abe_Bazouie · January 31, 2018, 4:39pm

Hi guys,

I am new to ES so I am not too sure how accurate is my question. I have a SAN with many terabytes of data. All users have their own home directory or share directory on that. I am looking for a solution to, when someone left them company, I can easily find all the files belong to him and report that to his manager in order to reassign to somebody else. Right now I am doing that by find command like:
find / -user $USERNAME > /root/userfiles.txt
But it is so time and resource consuming.
I am thinking to a solution to index all files' metadata (like: owner) and store them into a database and when I need I just search through that list by writing a query.
I think might be ES can help me in this way, so my question is, ES is a good solution for my problem at all or if not do you have any suggestion?

Thanks,

dadoonet · January 31, 2018, 5:00pm

I did something close to that I guess. Read http://david.pilato.fr/blog/2015/12/10/building-a-directory-map-with-elk/

Might help you.

Also FSCrawler has kind of support for that: https://github.com/dadoonet/fscrawler#adding-file-attributes

Abe_Bazouie · February 1, 2018, 2:47pm

Thanks David for quick reply!
Are you sure FSCrawler can pull our some information like: files' owner, UID and etc. ?
During my research for a suitable solution, I found this one. any idea? https://github.com/shirosaidev/diskover

dadoonet · February 1, 2018, 3:05pm

It is supposed to extract some basic information.

But there is still some work to do:

system · March 1, 2018, 3:05pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.