Generally, you can just use the ">" to empty a log file. For example, to clear out /var/adm/syslog, just use:
That will empty the file while leaving ownerships and permissions intact.
Sometimes, however, you have a program that keeps the file open while it writes to the log. In such a case, you may need to stop the program, clear the log, and restart.
Note that using ">" under those conditions WILL free disk space but removing the file will not until the program holding the file open exits.
You can easily check to see if any process is using a file with "fuser" or "lsof":
will return the pid of syslog. You can combine all this:
ps -p `fuser /var/adm/syslog`
(It's not necessary to stop the syslogd process when clearing syslog)
An alternative to clearing logs is to rotate them - "logrotate" is available on Linux - you control it through a conf file and it will compress old logs as often as you like and only keep as many as you say.
Got something to add? Send me email.