my log files are getting larger and larger so i would like to know how do i clear them and Where are the log files located??
cd /var/log/httpd or cd /var/www/vhosts/youraccount.com/statistics/logs/ rm -f access_log rm -f access_log.processed rm -f error_log and other .tgz log files...
I'm not a big fan of deleting log files unless there's no alternative. Usually I'll bzip2 them up, as it saves a heck of a lot of space (I've compressed 1GB of logs down to under 20MB before). That way, should you ever need older logs to check for security purposes, you have them. Also, If you have a stats program like awstats or webalizer, you should make sure that your logs have been processed before deletion. If you're sure though, you can go ahead and delete them, then restart apache. Apache will automatically re-create new files.
first off my apologies for bumping such an old thread but this actually pertains to the exact issue that I'm dealing with. I would like to just delete the files but I plan to dig through them later. I was hoping that someone would be able to tell me what commands I should use to I would like to just clear them so I don't have any issues with them at all. I've had enough issue on my server the last few weeks. I have nearly 3 gigs sucked up by log files and would like to export them to a tgz or something of that nature. I just don't know how to dump a log file. Once I dump them then I'll just download them to my HDD and clear the server of all the information. YES I KNOW: NEEEEWWBB But I am trying to learn. If someone wouldn't mind giving me a little step by step on this I'd appreciate the hell out of it.
well I figured out that using the ">" command I can clear the log files but I'm still trying to figure out how to export them to a file that I can download and review. anyone on this at all? BTW Example of command for those that need to clear the files: > /var/log/logfilename Code (markup): of course replace the "logfilename" with the name of the log file that you need to clear. That will empty the file while leaving ownerships and permissions intact. Now there is supposed to be a command: fuser Code (markup): that you can use like this: fuser /var/adm/syslog Code (markup): were "syslog" is your log file that you want to check. It's supposed to tell you what background programs are using that log file but I kept getting errors when trying to run it. I guess I'm using the wrong command.... I also tried: ps -p `fuser /var/adm/syslog` Code (markup): but this gave me other errors as well, IDK what the right command is to get these things to tell me what programs are still using the file that I'm trying to clear.
1. normally - unless you OWN the server - log files are legal evidence and stay there for a reason! 1.1 YOUR logfiles may be valuable legal evidence needed by YOUR HOST 1.2 your logfiles may be your ONLY resource to research hacker intrusion or security breach and thus NEVER ever should be deleted unless fully processed. usually it may be good to keep logs at least one full year to make sure you have solved ALL LATER / future security problems in your current beginners level state having a web site is an open invitation for ALL hackers to use and abuse your web space as it is obvious that nothing at all is secured and you most likely set security as a much later ( too late ) priority. meanwhile you may "host" hackers, phishing sites, etc like parasites and your log files may be YOUR only possible source to later on search, find and solve ALL your security issues and legal liability issues a site-OWNER may have in certain countries. 2. a common default apache system has a configuration how long access_log files are kept before auto-deleted. that typically is 3 months or mote. 3. assuming you have your log files in YOUR user space then you download them either via ftp or via rsync 4. deletion of your log files even if in your user space normally is prohibited by system configuration as the "owner' of your logfiles may most likely be someone else but your user account. it is up to the server-OWNER to decide IF and when to delete YOUR files as your log files may be HIS evidence of your possible gross negligence in case of security issues you may cause to his servers with an open / unsecured webspace or unsecured web applications or illegally hosted files / content ( like copyright infringement, etc )
I think you missed the part that this is my server and I'm the one that is ok with backing them up and clearing them out.... I looked through them and they don't auto delete at all. The information in them is more than 2 years old. As for security I already have a great firewall installed as well as a few other measures. I check regularly to make sure that there aren't any phishing pages that have been hacked into my domain. I had this happen about 4 years back and work hard to make sure that it doesn't happen ever again. I need to clear out these files as they have grown to suck up a couple gigs of information at this point and well I need that room for other things.
I do not suggest to delete log files because if the processes fails to create log files automatically you will receive errors. You can clear the logs files but do not delete them. Also, the logs location changes depending on the operating systems and Control panel installed on the server. Kailash
the log rotation and deletion in normal apache config is in a file called logrotate.conf and may be at /etc/logrotate.conf else you search for it using locate logrotate.conf there you see lines on - how often to rotate - how long to keep logs etc you can use any compression to compress all and download / save to DVD for possible later use if you delete ALL - may be you should keep the very last one the system may complain ( cause en error if NO log file exists to rotate ) you may also create at any time an artificial log rotatin by calling the rotate scipt - which typically is called /etc/logrotate.d that may be the best option to rotate ( after adapting your logrotate.conf to your needs ) then you get a fresh / empty new access_log then you download and / or delete all old log files
but how exactly do you go about exporting a log file to a zipped or gzip file and such, that's the part I haven't been able to figure out just yet.
1. you compress each file: - multiple possibiliities. zip, bzip2, etc. chose the one you know or google for it. one example: tar -czpv access_log >access_log.tar.gz adapt original filename to your needs. 2. to export /download into your local PC: assuming you have your rsync / ssh access, then download from our local machine using below ONE line shell command ( adapt paths as needed ): rsync -axv --progress --stats root@yoursite.com:/var/log/apache2/access_log*.gz /path/to-your-local/folder/ you also could use regular ftp if you have NONE of above - NO ftp / No ssh then CREATE that access google! thsi is very basic for having a server.
thanks for the heads up on this. I already have all my sftp ftp and ssh access setup. so I guess it's a googling I go, lol. Thanks again.
my earlier lines were nearly copy/paste lines hence that problem should fully be solved by now without google