Search for log and temporary files using find, then safely delete targets using -exec or xargs.
Refresh the locate database and use locate to enumerate configuration files quickly.
The system has accumulated log and temporary files. You have been asked to identify log files under
/var/log, find temporary files in /tmp older than 7 days, and remove stale temp files safely.
You also need to list configuration files quickly using locate after refreshing the database.
This is what cleanup and triage looks like in real environments: target precisely, verify matches, then delete with a safe execution path. The difference between “cleanup” and “incident” is usually one bad pattern.
.log files under /var/log./tmp older than 7 days./tmp using a safe find execution method.locate to list configuration files matching *.conf.find using -type, -name, and time filters like -mtime.
-exec (or pipe to xargs when appropriate).
locate and why updatedb matters.
.log files under /var/log.
find /var/log -type f -name '*.log'
find searches the filesystem in real time. Quoting '*.log' ensures the shell does not expand the glob
before find runs.
/var/log/syslog.log
/var/log/auth.log/tmp older than 7 days.
find /tmp -type f -mtime +7
-mtime +7 matches files whose data was last modified more than 7 days ago. This is a common cleanup filter for temp directories.
/tmp/debug_old.txt
/tmp/archive_001.tmpfind /tmp -type f -mtime +7 -exec rm {} \;
-exec runs a command for each matched file. The \; terminator must be escaped so the shell passes it through.
In production, you often run the same find without rm first, then add deletion once you trust the matches.
Old temp files deleted.sudo updatedb
locate searches an index, not the live filesystem. updatedb refreshes that index so newly created or moved files can be found.
mlocate database updated.*.conf files.
locate '*.conf'
Quoting the pattern prevents the shell from expanding it in your current directory. locate will return paths anywhere on the system
that match the indexed pattern.
/etc/ssh/sshd_config
/etc/nginx/nginx.conf
/etc/systemd/journald.confxargs (safe pattern).
find /tmp -type f -mtime +7 -print0 | xargs -0 rm
This is the safe xargs pattern: -print0 and -0 prevent whitespace and special characters from breaking file names.
Use this when you want one rm invocation that takes many paths at once.
# No output is normal for rm on success.find
: Searches the filesystem in real time using filters such as -type, -name, and -mtime.
find ... -exec <cmd> {} \;
: Executes a command once per matched path (the \; terminator must be escaped).
updatedb
: Refreshes the locate database (required to keep locate results current).
locate <pattern>
: Searches the locate database for matching paths (fast, but index-based).
xargs -0
: Safely builds command arguments from NUL-delimited input (pair with find -print0).