Answer: The first thing to find out is what exactly is happening in the log files. To see the latest log activity for your web server error log, for example, you would run:

tail -f /var/log/httpd/error.log

If the file is expanding, you should see errors popping up. When you are finished looking at it, press CTRL-C.

The next step is to fix whatever error you are receiving. If it is enough to fill up several megabytes or even a gigabyte of log space, it is a recurring error that should be fixed. For a web server, repeated failed connections could be some type of denial of service (DoS) attack. For a mail server, numerous open connections could mean that someone is using your server to send spam. The key is to find out exactly what the root cause is and then fix it. If you want to clear the log file, run:

> /var/log/httpd/error.og

Your logs will be back to normal size once your server is running normally again.

Answer: Linux has a nifty little command called “tail” that allows you to see the latest log file messages, but that by itself will not show you the latest messages as they arrive in real time. For that, all you have to do is add the “-f” tag to the end of the tail command. For example, if you want to watch mail server messages as they arrive, enter as root:

tail -f /var/log/maillog

Similarly, for Apache web server access logs, you would enter something like:

tail -f /var/log/httpd/access

And for web server errors:

tail -f /var/log/httpd/errors

Generally speaking, it will occupy your command prompt, not allowing you to do anything else. If you want to keep working and do not mind being interrupted whenever a message comes in, you can add the &, and it will return you to the command line.

tail -f /var/log/maillog &

Photo Source: Flickr