Ubuntu – var/log/syslog growing indefinitely in size

disk-usagefileslogsyslog

The disk that contains Ubuntu on my computer is 115GB in size.

When the disk was 114.7GBfull.

I started deleting some files here and there to free up around 5GB.

But I noticed the disk was 114GB filled again. I thought it was some cache or swap thingy so didn't give it much thought and went ahead and freed around 40GBby shifting some media files out of the disk.

I have a notification in an hour or so that the disk is full yet again!!
40GB!!! All gone!

So I debugged the problem down to the /var/log/syslog file which was initially definitely less than 20GB. I know this because /var folder was 17GB before I cleared the memory.

/var/log/syslog file is currently 55.9GB!

Could someone be so gracious to explain this anomaly?
Is this a bug?
Or am I affected with some malware or virus?

Best Answer

This indefinite growth generally occurs due to repeated log of one or more errors from the same source. In my case it was due to continual report of connection error from the wifi monitoring interface mon0 I have used to monitor my wifi traffic. There have been error reports of such overflow occurring in various other interfaces like tun0 from VPN etc.

I have resolved my issue by clearing the /var/log/syslog file

To tackle this error

  1. You need to find the source of this error and stop it from producing any further overflow of log
  2. Then clear the var/log/syslog file

Problems you might face doing the same

  1. Cant open var/log/syslog: due to massive size any editor is bound to crash
  2. Cant clear /var/log/syslog: Again due to massive size clearing is a challenge too

So, for viewing the error that caused the overflow

tail -f /var/log/syslog

For clearing use:

sudo cat /dev/null > /var/log/syslog
Related Question