In unix, what's the best way to reduce the size of a massive log file that is actively being written to?

bash unix linux log-files

On a linux server, I want to reduce the size of a log file which is several GB big. Cutting off the top half, or maybe the first million lines would work.


Solution 1:

This comes up in interviews quite often...

Are you looking to truncate the file without disrupting the processes? Is any of the information in the log file valuable? If so, I usually "zero" the file with a simple bash string.

: > /var/log/badlogfile

This comes up in situations where you may have an application that can't be restarted in a controlled manner. Let's say it's a financial trading application and the program can't be halted or restarted during the trading day. However, the log files are growing at some obscene rate due to an application bug. Truncating the log files using the method above or below can keep the system running.

Also see: http://www.cyberciti.biz/faq/truncate-large-text-file-in-unix-linux/

Solution 2:

You could put it in logrotate, then it won't get out of control as easily

Solution 3:

If it's actively being written to you don't really have much you can do by way of truncate. Your only options are to blank the file (you could copy it elsewhere first.)

echo "" >/var/log/fileYouWantToEmpty

That way the file ends up empty but is still the same file/inode so it won't disrupt the program that is logging.

Related

apache2 and php5: module or filter
Can you help me with my GDPR issue?
How to get FreeNAS to spin down disks?
How to setup PTR (Reverse DNS) at Godaddy DNS manager
HAproxy subdomain redirect
How to disable keys in MySQL InnoDB tables?
Postfix SMTP banner show multiple hostnames
Site hacked, looking for security advice [duplicate]
SSH client name resolution fails for names that are resolvable
Being flooded by wpad.dat
Firmware Best Practices and Update Schedules
How to remove Postfix queue messages sent to a specific domain