- Empty or Delete a log files in Linux or UNIX
- How to clear the contents of a log file from the command line
- Delete a log files in Linux or UNIX using truncate
- Other commands to empty or delete a large file content in Linux
- How do I clear log file using dd on Linux or Unix?
- How to empty or truncate a file in Linux using echo/printf
- Say hello to logrotate tool
- Conclusion
- How to Clear Systemd Journal Logs
- Clearing systemd journal logs
- 1. Clear journal log older than x days
- 2. Restrict logs to a certain size
- 3. Restrict number of log files
- Automatically clearing old log files [Requires intermediate knowledge of command line]
- How to truncate all logfiles?
- 5 Answers 5
Empty or Delete a log files in Linux or UNIX
How to clear the contents of a log file from the command line
Say you want to clear the contents of a log file named /var/log/messages, run:
# >/var/log/messages
The following is compatible with various Linux or Unix shells:
: > /var/log/messages
Verify file size:
# ls -l /var/log/messages
If you really wanted to delete or remove a file type the following rm command:
# rm /var/log/message
Delete a log files in Linux or UNIX using truncate
Use the truncate command to shrink or extend the size of each FILE to the specified size. So a proper way to clear log file named www.cyberciti.biz_access.log is to run the following command:
# cd /var/log/nginx/
# ls -lh www.cyberciti.biz_access.log
# truncate -s 0 www.cyberciti.biz_access.log
# ls -lh www.cyberciti.biz_access.log
Clear the contents of a file named /var/log/nginx/www.cyberciti.biz_access.log from the command line
Other commands to empty or delete a large file content in Linux
Try the cat command:
cat /dev/null > www.cyberciti.biz_access.log
Or the cp command:
# cp /dev/null /var/log/nginx/php_error.log
How do I clear log file using dd on Linux or Unix?
Type dd command as follows:
# dd if=/dev/null of=/path/to/log/file
# dd if=/dev/null of=/var/log/lighttpd/error_log
How to empty or truncate a file in Linux using echo/printf
One more method is to use the echo command:
# echo -n «» > /path/to/java/appserver.log
- No ads and tracking
- In-depth guides for developers and sysadmins at Opensourceflare✨
- Join my Patreon to support independent content creators and start reading latest guides:
- How to set up Redis sentinel cluster on Ubuntu or Debian Linux
- How To Set Up SSH Keys With YubiKey as two-factor authentication (U2F/FIDO2)
- How to set up Mariadb Galera cluster on Ubuntu or Debian Linux
- A podman tutorial for beginners – part I (run Linux containers without Docker and in daemonless mode)
- How to protect Linux against rogue USB devices using USBGuard
Join Patreon ➔
Say hello to logrotate tool
A better approach is to use logrotate tool. It is designed to ease administration of systems that generate large numbers of log files. It allows automatic rotation, compression, removal, and mailing of log files. Each log file may be handled daily, weekly, monthly, or when it grows too large. See my previous logrotate help page:
Conclusion
This page showed how to empty or delete a large log file contents in Linux and Unix like systems. There are other methods too as discussed in the comments section below.
🐧 Get the latest tutorials on Linux, Open Source & DevOps via
| Category | List of Unix and Linux commands |
|---|---|
| Documentation | help • mandb • man • pinfo |
| Disk space analyzers | df • duf • ncdu • pydf |
| File Management | cat • cp • less • mkdir • more • tree |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Linux Desktop Apps | Skype • Spotify • VLC 3 |
| Modern utilities | bat • exa |
| Network Utilities | NetHogs • dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • glances • gtop • jobs • killall • kill • pidof • pstree • pwdx • time • vtop |
| Searching | ag • grep • whereis • which |
| Shell builtins | compgen • echo • printf |
| Text processing | cut • rev |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
Comments on this entry are closed.
my log files /var/log deleted is it creates any problem
/var/log is directory, if you delete the same just recreate directory using mkdir command:
mkdir /var/log
How would you specify to delete log that are over a certain age. ie 2days old or something like that. Thanks for the help.
One way is to setup new cronjob for that. Then google: “tmpwatch delete files older”
There are 2 options, either use log logrotate or use find command to get list of 2 days old files and empty them. You can find information about logrotate and about find command here only. Use search box to get information
Thank you for pointing me in the right direction. I’ve been doing some more research and had another question if you wouldn’t mine throwing in some input.
I want to remove apache logs after about a month. So I was going to set something up like this that I found online.
This is an example of a /etc/logrotate.d/httpd
/var/log/httpd/*.log <
daily
rotate 30
missingok
notifempty
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true endscript
>
Now from what I understand this will rotate the log daily meaning create a new log everyday. The 30 means that it will hold 30 of these logs before deleting them (or compressing if I put that option in there)
Also, before I go and set this up, I want to test it on 1 websites log incase I mess things up. Would it be ok to replace the line
/var/log/httpd/*.log
with
/var/log/httpd/”website”*.log to that affect to test in one website before doing all of them?
Does it sound like I’m on the right track or am I completely lost 🙂 thanks again for your input.
simply wirte rm file.log and press enter
Use the following command:
suppose your file name is message.log then use:
This will empty the file without having deleting it.
Hallo, i have same use command as your suggest.
echo ”> message.log
but, if one folder contain much log like that, how i can clean up directly using echo command without delete it (rm)
Hi Ajeet,
Can you tell me please how it works ?
echo “” ->print the blank space
and that blank space is redirected to message.log file
or in other word your file conatins replaced by blank space without
Please could anybody help me how to delete the log files of DHCP server. and how to identify them.
Источник
How to Clear Systemd Journal Logs
This quick tutorial shows you two ways to clear systemd journal logs from your Linux system.
The systemd journal is systemd’s own logging system. It is equivalent to the syslog in the init system. It collects and stored kernel logging data, system log messages, standard output and error for various systemd services.
A Linux machine with systemd writes the logs to /var/log/journal directory. If you remember the Linux directory structure, /var is where the system logs are stored.
You can either manually view the log files using less command or use the journalctl command. To view all the latest logs, use the command with reverse option.
The thing with logging is that over the time, it starts to grow big. And if you check the disk space in Linux, you’ll see that sometimes, it takes several GB of space.
Let me show you how to clean systemd journal logs and free up disk space on your Linux system.
Clearing systemd journal logs
First check the space taken by journal logs with the du command:
You can also use the journalctl command for the same task:
Both of the command should give approximately the same result:
Now that you know how much space the journal logs take, you can decide if you want to clear the logs or not. If you decide to clear the journal logs, let me show you a couple of ways of doing it.
You can of course use the rm command to delete the files in the log folder but I won’t advise that. The journalctl command gives you the proper way of handling old logs.
First thing you should do is to rotate journal files. This will mark the currently active journal logs as archive and create fresh new logs. It’s optional but a good practice to do so.
Now you have three ways to clear old journal logs. You delete logs older than a certain time or you delete older log files so that total log size is limited to the predefined disk space or you limit number of log files. Let’s see how to use all three methods.
1. Clear journal log older than x days
Keep in mind that logs are important for auditing purpose so you should not delete all of them at the same time. Let’s say you want to keep the log history of just two days. To delete all entries older than two days, use this command:
Here’s what the output may look like:
You can also change the provide time frame in hours like 2h, in minutes like 2m, in seconds like 2s. If you want bigger time units, you can 2weeks, 2months as well.
2. Restrict logs to a certain size
Another way is to restrict the log size. With this, it will delete the journal log files until the disk space taken by journal logs falls below the size you specified.
This will reduce the log size to around 100 MB.
You can specify the size in GB with G, MB with M, KB with K etc.
3. Restrict number of log files
The third way is to limit the number of log files. The journalctl usually has log files for the system and for the users. As the logs get old they are archived in various files.
You can limit the number of archive log files. Let’s say you want to have only five log files.
It will remove the older archive log files leaving only the specified number of log files.
Automatically clearing old log files [Requires intermediate knowledge of command line]
What you just did will clean the log files for now. In a month the logs will increase again. You can manually clean them with one of the methods described above. But that is a tedious task and you may not remember to do that regularly.
The good thing is that you can configure systemd to automatically handle old log files.
The journalctl has configuration file at /etc/systemd/journald.conf. There are settings which are commented out. The commented lines basically indicate the default value of those settings parameters (even if they are commented out).
You can change some of these default settings to automatically clean the log files.
You would want to change the following settings:
| Setting | Description |
|---|---|
| SystemMaxUse | Max disk space logs can take |
| SystemMaxFileSize | Max size of an INDIVIDUAL log file |
| SystemMaxFiles | Max number of log files |
Please note that you should be careful while editing configuration files. You must be comfortable using a terminal-based text editor like Vim, Emacs or Nano so that you don’t make silly mistakes while editing the conf file.
I advise to make a backup of the configuration file first:
Now, you should uncomment (remove the # at the beginning of the line) the setting you want to use. For example, I want to restrict the maximum disk space taken by the log files to 250 MB.
You’ll have to use Vim or some other terminal based editor in order to edit this configuration file. Here’s what it looks like me after editing the file.
Keep in mind that after editing the configuration file, you should load the changes:
The journald.conf file can be used to tweak the journalctl settings even further. You can even set the levels of log (info, debug, error etc) you want to see. It’s up to you if you want to change those settings as well.
I hope you like this tip to clear systemd journal log files. If you have any questions or suggestions, please leave a comment below.
Источник
How to truncate all logfiles?
can anybody give me a solution to truncate all logfile in /var/log/ directory?
and a question just for knowledge, is it a good idea or not?
5 Answers 5
truncate -s 0 /var/log/*log
if you want to do this more than once you should use logrotate to handle your logs. Usually it’s installed in ubuntu. Have a look at man logrotate (or if you do not have it installed look at the online manpage or install it with sudo apt-get install logrotate )
from the manpage:
logrotate is designed to ease administration of systems that generate large numbers of log files. It allows automatic rotation, compression, removal, and mailing of log files. Each log file may be handled daily, weekly, monthly, or when it grows too large.
If you want to clear all your log files, not just those in the first-level log folder, you could use:
Noting that if you already have logrotate running, you’ll need to clear out the rotated .gz logs as well:
A valid use for this could be building a VM appliance container for distribution, for example.
You should not need to do this as part of routine maintenance: as D-E-N quite correctly suggested, use logrotate for that.
As follow up to @D-E-N answer
This will find all log files in /var/log and truncate them to 0 bytes.
There’s couple methods to fully truncating a file, generally applicable to most POSIX-compliant OS. Most common that you’ll see with shell scripting is something like true > file.txt or : > file.txt ( and in case of bash shell, > redirection alone is sufficient ). That’s due to the way how > opens files via open() or openat() syscall with O_WRONLY|O_CREAT|O_TRUNC flags — that reads write-only OR create if filename doesn’t exist, OR truncate existing filename.
With that in mind, we can implement something like that in C ourselves:
Name the file that stores this code as trunc.c and compile that with gcc trunc.c -o trunc , and you have yourself a small utility that will truncate a filename argument it’s provided as in trunc ./foobar.txt . Of course, this code doesn’t do other checks, it only truncates first positional parameter. I’ll leave it up to the readers to figure out how to deal with more than one positional parameter. On side note, there is truncate() syscall which we could use as well, and truncate a file to variable length.
Now, if you are not a fan of C, Python might be easier for you. open() command operates on the same principle in Python — opening file for writing and truncating if filename exists. Thus we can do
As for finding all .log files, that’s been covered in other answers already — use * glob or extended glob in bash . There’s also find -type f -name «*.log» , which has -exec flag for running commands (in this particular case sh -c » to take advantage of > because > is a shell operator and not an external executable). Thus you can do
It’s also worth noting that log files in directory such as /var/log often are rotated by logrotate service, so there will be filenames such as /var/log/service.log , /var/log/service.log.1 , etc , so you may want to use *.log.6 pattern instead
Among other things, we can copy /dev/null into the desired file. Oddly enough, even though /dev/null is a special character device type of file, when you copy that elsewhere the result is empty regular file, at least with GNU cp . Thus we can do
Источник
