Mixing
Command: find and delete log files - deep explanation
find $LOG_PATH -type f -mtime +60 -print -exec rm {} ;
Above command deletes log files, I did read the manual for each command but didn't understand it WELL.
Can anyone explain this in a simple explanation?
Thanks!
linux find logs
edited Jan 15 at 4:34
peterh
4,491113157
asked Jan 15 at 3:27
CyrilCyril
503
add a comment |
find $LOG_PATH -type f -mtime +60 -print -exec rm {} ;
Above command deletes log files, I did read the manual for each command but didn't understand it WELL.
Can anyone explain this in a simple explanation?
Thanks!
linux find logs
edited Jan 15 at 4:34
peterh
4,491113157
asked Jan 15 at 3:27
CyrilCyril
503
add a comment |
find $LOG_PATH -type f -mtime +60 -print -exec rm {} ;
Above command deletes log files, I did read the manual for each command but didn't understand it WELL.
Can anyone explain this in a simple explanation?
Thanks!
linux find logs
edited Jan 15 at 4:34
peterh
4,491113157
asked Jan 15 at 3:27
CyrilCyril
503
find $LOG_PATH -type f -mtime +60 -print -exec rm {} ;
Above command deletes log files, I did read the manual for each command but didn't understand it WELL.
Can anyone explain this in a simple explanation?
Thanks!
linux find logs
linux find logs
edited Jan 15 at 4:34
peterh
4,491113157
asked Jan 15 at 3:27
CyrilCyril
503
edited Jan 15 at 4:34
peterh
4,491113157
asked Jan 15 at 3:27
CyrilCyril
503
edited Jan 15 at 4:34
peterh
4,491113157
edited Jan 15 at 4:34
peterh
4,491113157
edited Jan 15 at 4:34
peterh
4,491113157
4,491113157
asked Jan 15 at 3:27
CyrilCyril
503
asked Jan 15 at 3:27
CyrilCyril
503
asked Jan 15 at 3:27
CyrilCyril
503
503
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
Kudos for trying to understand the command using the manual first. I'll try and explain how the command works by referring to each section of the manual located here.
The command essentially does the following things. 1) It looks inside a path specified by the $LOG_PATH variable for regular files that have been modified more than 60 days prior. 2) For each valid result, it prints the filename and then executes the rm command on the file.
The detailed breakdown is as follows. The find command has a basic syntax which looks like this (a few advanced options have been omitted for clarity):
find [starting-point...] [expression]
The starting point is a path, such as /home or documents/. The manual says:
GNU find searches the directory tree rooted at each given
starting-point by evaluating the given expression from left to right,
according to the rules of precedence...
In your case, this starting point is specified by the variable $LOG_PATH. This variable is expected to contain a value that is valid path.
Now that find knows where to look for files, the next step is to evaluate the expressions given. Again, referring back to the manual:
The part of the command line after the list of starting points is the
expression. This is a kind of query specification describing how we
match files and what we do with the files that were matched.
For simplicity, we will consider the two types of expressions that appear in your command: tests and actions.
Tests return a true or false value, usually on the basis of some
property of a file we are considering.
Actions have side effects (such as printing something on the standard
output) and return either true or false, usually based on whether or
not they are successful.
The tests in this case are the -type f and the -mtime +60 expressions. The -type test checks that a file is of a certain type. -type f checks if a file a regular file. Other variations include -type d to check for directories, and -type l to look for symbolic links.
The -mtime +60 test is a bit more involved. It checks if a file's data/contents were modified more than 60 days ago. There is a complication here: find ignores the fractions involved in calculating the modified time. As a result, a file would actually need to be modified 61*24 hours ago to successfully pass this test. The time is calculated from the time when the command is executed, and is not based on calendar days.
The next expression in your find command is an action: -print. With the -print action, the filename of each file that passes the -type and -mtime tests is printed to standard output (one file per line). This essentially gives you the result of find: a list of files, which pass the test conditions you have specified.
The final part of your find command is also an action: -exec. The -exec action runs the specified command on each result of find. In your case, this is the rm command, which removes the file. The curly braces ({}) specify where the name of the file is to be substituted. This results in a command of the form rm /path/to/target/file. The semicolon at the end specifies that the command specified by -exec should be executed once for each matched file. Because the semicolon is a special character for the shell as well, it is escaped by prefixing a backslash.
answered Jan 15 at 7:11
HaxielHaxiel
2,7051915
add a comment |
$LOG_PATH is a variable that probably contains a path to search on, e.g: /home/folder1/folder2`
-type f : find only file, not folder or others
-mtime : last modified more than 60 days ago.
-print : print output of this command, should be default if not explicitly specified.
-exec rm {} ; : execute command on each line of result - separated by newline (actually on each file that this command found) that remove those files, ; is a must.
edited Jan 15 at 3:58
Nasir Riley
2,654249
answered Jan 15 at 3:44
Tuyen PhamTuyen Pham
625114
Thanks! But, what do you mean 60x24 hours ago? On the -mtime
– Cyril
Jan 15 at 3:56
+60means 60 days ago.
– Tuyen Pham
Jan 15 at 4:03
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f494525%2fcommand-find-and-delete-log-files-deep-explanation%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Kudos for trying to understand the command using the manual first. I'll try and explain how the command works by referring to each section of the manual located here.
The command essentially does the following things. 1) It looks inside a path specified by the $LOG_PATH variable for regular files that have been modified more than 60 days prior. 2) For each valid result, it prints the filename and then executes the rm command on the file.
The detailed breakdown is as follows. The find command has a basic syntax which looks like this (a few advanced options have been omitted for clarity):
find [starting-point...] [expression]
The starting point is a path, such as /home or documents/. The manual says:
GNU find searches the directory tree rooted at each given
starting-point by evaluating the given expression from left to right,
according to the rules of precedence...
In your case, this starting point is specified by the variable $LOG_PATH. This variable is expected to contain a value that is valid path.
Now that find knows where to look for files, the next step is to evaluate the expressions given. Again, referring back to the manual:
The part of the command line after the list of starting points is the
expression. This is a kind of query specification describing how we
match files and what we do with the files that were matched.
For simplicity, we will consider the two types of expressions that appear in your command: tests and actions.
Tests return a true or false value, usually on the basis of some
property of a file we are considering.
Actions have side effects (such as printing something on the standard
output) and return either true or false, usually based on whether or
not they are successful.
The tests in this case are the -type f and the -mtime +60 expressions. The -type test checks that a file is of a certain type. -type f checks if a file a regular file. Other variations include -type d to check for directories, and -type l to look for symbolic links.
The -mtime +60 test is a bit more involved. It checks if a file's data/contents were modified more than 60 days ago. There is a complication here: find ignores the fractions involved in calculating the modified time. As a result, a file would actually need to be modified 61*24 hours ago to successfully pass this test. The time is calculated from the time when the command is executed, and is not based on calendar days.
The next expression in your find command is an action: -print. With the -print action, the filename of each file that passes the -type and -mtime tests is printed to standard output (one file per line). This essentially gives you the result of find: a list of files, which pass the test conditions you have specified.
The final part of your find command is also an action: -exec. The -exec action runs the specified command on each result of find. In your case, this is the rm command, which removes the file. The curly braces ({}) specify where the name of the file is to be substituted. This results in a command of the form rm /path/to/target/file. The semicolon at the end specifies that the command specified by -exec should be executed once for each matched file. Because the semicolon is a special character for the shell as well, it is escaped by prefixing a backslash.
answered Jan 15 at 7:11
HaxielHaxiel
2,7051915
add a comment |
Kudos for trying to understand the command using the manual first. I'll try and explain how the command works by referring to each section of the manual located here.
The command essentially does the following things. 1) It looks inside a path specified by the $LOG_PATH variable for regular files that have been modified more than 60 days prior. 2) For each valid result, it prints the filename and then executes the rm command on the file.
The detailed breakdown is as follows. The find command has a basic syntax which looks like this (a few advanced options have been omitted for clarity):
find [starting-point...] [expression]
The starting point is a path, such as /home or documents/. The manual says:
GNU find searches the directory tree rooted at each given
starting-point by evaluating the given expression from left to right,
according to the rules of precedence...
In your case, this starting point is specified by the variable $LOG_PATH. This variable is expected to contain a value that is valid path.
Now that find knows where to look for files, the next step is to evaluate the expressions given. Again, referring back to the manual:
The part of the command line after the list of starting points is the
expression. This is a kind of query specification describing how we
match files and what we do with the files that were matched.
For simplicity, we will consider the two types of expressions that appear in your command: tests and actions.
Tests return a true or false value, usually on the basis of some
property of a file we are considering.
Actions have side effects (such as printing something on the standard
output) and return either true or false, usually based on whether or
not they are successful.
The tests in this case are the -type f and the -mtime +60 expressions. The -type test checks that a file is of a certain type. -type f checks if a file a regular file. Other variations include -type d to check for directories, and -type l to look for symbolic links.
The -mtime +60 test is a bit more involved. It checks if a file's data/contents were modified more than 60 days ago. There is a complication here: find ignores the fractions involved in calculating the modified time. As a result, a file would actually need to be modified 61*24 hours ago to successfully pass this test. The time is calculated from the time when the command is executed, and is not based on calendar days.
The next expression in your find command is an action: -print. With the -print action, the filename of each file that passes the -type and -mtime tests is printed to standard output (one file per line). This essentially gives you the result of find: a list of files, which pass the test conditions you have specified.
The final part of your find command is also an action: -exec. The -exec action runs the specified command on each result of find. In your case, this is the rm command, which removes the file. The curly braces ({}) specify where the name of the file is to be substituted. This results in a command of the form rm /path/to/target/file. The semicolon at the end specifies that the command specified by -exec should be executed once for each matched file. Because the semicolon is a special character for the shell as well, it is escaped by prefixing a backslash.
answered Jan 15 at 7:11
HaxielHaxiel
2,7051915
add a comment |
Kudos for trying to understand the command using the manual first. I'll try and explain how the command works by referring to each section of the manual located here.
The command essentially does the following things. 1) It looks inside a path specified by the $LOG_PATH variable for regular files that have been modified more than 60 days prior. 2) For each valid result, it prints the filename and then executes the rm command on the file.
The detailed breakdown is as follows. The find command has a basic syntax which looks like this (a few advanced options have been omitted for clarity):
find [starting-point...] [expression]
The starting point is a path, such as /home or documents/. The manual says:
GNU find searches the directory tree rooted at each given
starting-point by evaluating the given expression from left to right,
according to the rules of precedence...
In your case, this starting point is specified by the variable $LOG_PATH. This variable is expected to contain a value that is valid path.
Now that find knows where to look for files, the next step is to evaluate the expressions given. Again, referring back to the manual:
The part of the command line after the list of starting points is the
expression. This is a kind of query specification describing how we
match files and what we do with the files that were matched.
For simplicity, we will consider the two types of expressions that appear in your command: tests and actions.
Tests return a true or false value, usually on the basis of some
property of a file we are considering.
Actions have side effects (such as printing something on the standard
output) and return either true or false, usually based on whether or
not they are successful.
The tests in this case are the -type f and the -mtime +60 expressions. The -type test checks that a file is of a certain type. -type f checks if a file a regular file. Other variations include -type d to check for directories, and -type l to look for symbolic links.
The -mtime +60 test is a bit more involved. It checks if a file's data/contents were modified more than 60 days ago. There is a complication here: find ignores the fractions involved in calculating the modified time. As a result, a file would actually need to be modified 61*24 hours ago to successfully pass this test. The time is calculated from the time when the command is executed, and is not based on calendar days.
The next expression in your find command is an action: -print. With the -print action, the filename of each file that passes the -type and -mtime tests is printed to standard output (one file per line). This essentially gives you the result of find: a list of files, which pass the test conditions you have specified.
The final part of your find command is also an action: -exec. The -exec action runs the specified command on each result of find. In your case, this is the rm command, which removes the file. The curly braces ({}) specify where the name of the file is to be substituted. This results in a command of the form rm /path/to/target/file. The semicolon at the end specifies that the command specified by -exec should be executed once for each matched file. Because the semicolon is a special character for the shell as well, it is escaped by prefixing a backslash.
answered Jan 15 at 7:11
HaxielHaxiel
2,7051915
Kudos for trying to understand the command using the manual first. I'll try and explain how the command works by referring to each section of the manual located here.
The command essentially does the following things. 1) It looks inside a path specified by the $LOG_PATH variable for regular files that have been modified more than 60 days prior. 2) For each valid result, it prints the filename and then executes the rm command on the file.
The detailed breakdown is as follows. The find command has a basic syntax which looks like this (a few advanced options have been omitted for clarity):
find [starting-point...] [expression]
The starting point is a path, such as /home or documents/. The manual says:
GNU find searches the directory tree rooted at each given
starting-point by evaluating the given expression from left to right,
according to the rules of precedence...
In your case, this starting point is specified by the variable $LOG_PATH. This variable is expected to contain a value that is valid path.
Now that find knows where to look for files, the next step is to evaluate the expressions given. Again, referring back to the manual:
The part of the command line after the list of starting points is the
expression. This is a kind of query specification describing how we
match files and what we do with the files that were matched.
For simplicity, we will consider the two types of expressions that appear in your command: tests and actions.
Tests return a true or false value, usually on the basis of some
property of a file we are considering.
Actions have side effects (such as printing something on the standard
output) and return either true or false, usually based on whether or
not they are successful.
The tests in this case are the -type f and the -mtime +60 expressions. The -type test checks that a file is of a certain type. -type f checks if a file a regular file. Other variations include -type d to check for directories, and -type l to look for symbolic links.
The -mtime +60 test is a bit more involved. It checks if a file's data/contents were modified more than 60 days ago. There is a complication here: find ignores the fractions involved in calculating the modified time. As a result, a file would actually need to be modified 61*24 hours ago to successfully pass this test. The time is calculated from the time when the command is executed, and is not based on calendar days.
The next expression in your find command is an action: -print. With the -print action, the filename of each file that passes the -type and -mtime tests is printed to standard output (one file per line). This essentially gives you the result of find: a list of files, which pass the test conditions you have specified.
The final part of your find command is also an action: -exec. The -exec action runs the specified command on each result of find. In your case, this is the rm command, which removes the file. The curly braces ({}) specify where the name of the file is to be substituted. This results in a command of the form rm /path/to/target/file. The semicolon at the end specifies that the command specified by -exec should be executed once for each matched file. Because the semicolon is a special character for the shell as well, it is escaped by prefixing a backslash.
answered Jan 15 at 7:11
HaxielHaxiel
2,7051915
answered Jan 15 at 7:11
HaxielHaxiel
2,7051915
answered Jan 15 at 7:11
HaxielHaxiel
2,7051915
answered Jan 15 at 7:11
HaxielHaxiel
2,7051915
2,7051915
add a comment |
add a comment |
$LOG_PATH is a variable that probably contains a path to search on, e.g: /home/folder1/folder2`
-type f : find only file, not folder or others
-mtime : last modified more than 60 days ago.
-print : print output of this command, should be default if not explicitly specified.
-exec rm {} ; : execute command on each line of result - separated by newline (actually on each file that this command found) that remove those files, ; is a must.
edited Jan 15 at 3:58
Nasir Riley
2,654249
answered Jan 15 at 3:44
Tuyen PhamTuyen Pham
625114
Thanks! But, what do you mean 60x24 hours ago? On the -mtime
– Cyril
Jan 15 at 3:56
+60means 60 days ago.
– Tuyen Pham
Jan 15 at 4:03
add a comment |
$LOG_PATH is a variable that probably contains a path to search on, e.g: /home/folder1/folder2`
-type f : find only file, not folder or others
-mtime : last modified more than 60 days ago.
-print : print output of this command, should be default if not explicitly specified.
-exec rm {} ; : execute command on each line of result - separated by newline (actually on each file that this command found) that remove those files, ; is a must.
edited Jan 15 at 3:58
Nasir Riley
2,654249
answered Jan 15 at 3:44
Tuyen PhamTuyen Pham
625114
Thanks! But, what do you mean 60x24 hours ago? On the -mtime
– Cyril
Jan 15 at 3:56
+60means 60 days ago.
– Tuyen Pham
Jan 15 at 4:03
add a comment |
$LOG_PATH is a variable that probably contains a path to search on, e.g: /home/folder1/folder2`
-type f : find only file, not folder or others
-mtime : last modified more than 60 days ago.
-print : print output of this command, should be default if not explicitly specified.
-exec rm {} ; : execute command on each line of result - separated by newline (actually on each file that this command found) that remove those files, ; is a must.
edited Jan 15 at 3:58
Nasir Riley
2,654249
answered Jan 15 at 3:44
Tuyen PhamTuyen Pham
625114
$LOG_PATH is a variable that probably contains a path to search on, e.g: /home/folder1/folder2`
-type f : find only file, not folder or others
-mtime : last modified more than 60 days ago.
-print : print output of this command, should be default if not explicitly specified.
-exec rm {} ; : execute command on each line of result - separated by newline (actually on each file that this command found) that remove those files, ; is a must.
edited Jan 15 at 3:58
Nasir Riley
2,654249
answered Jan 15 at 3:44
Tuyen PhamTuyen Pham
625114
edited Jan 15 at 3:58
Nasir Riley
2,654249
edited Jan 15 at 3:58
Nasir Riley
2,654249
edited Jan 15 at 3:58
Nasir Riley
2,654249
2,654249
answered Jan 15 at 3:44
Tuyen PhamTuyen Pham
625114
answered Jan 15 at 3:44
Tuyen PhamTuyen Pham
625114
answered Jan 15 at 3:44
Tuyen PhamTuyen Pham
625114
625114
Thanks! But, what do you mean 60x24 hours ago? On the -mtime
– Cyril
Jan 15 at 3:56
+60means 60 days ago.
– Tuyen Pham
Jan 15 at 4:03
add a comment |
Thanks! But, what do you mean 60x24 hours ago? On the -mtime
– Cyril
Jan 15 at 3:56
+60means 60 days ago.
– Tuyen Pham
Jan 15 at 4:03
Thanks! But, what do you mean 60x24 hours ago? On the -mtime
– Cyril
Jan 15 at 3:56
Thanks! But, what do you mean 60x24 hours ago? On the -mtime
– Cyril
Jan 15 at 3:56
+60 means 60 days ago.– Tuyen Pham
Jan 15 at 4:03
+60 means 60 days ago.– Tuyen Pham
Jan 15 at 4:03
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f494525%2fcommand-find-and-delete-log-files-deep-explanation%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
