Skip to content

404>Bytes

15. Clearing Logs And Tracks

subrat243/404-Bytes

Overview¶

Linux systems maintain logs and history files that record system activity, user actions, and events. Understanding how to:

View logs
Securely delete files
Manage command history

is important for system administration and cybersecurity operations.

Linux Log Files¶

Log Directory¶

cd /var/log

Explanation

/var/log stores system and application logs
Used for monitoring, debugging, and auditing

Common Log Files¶

File	Description
`/var/log/syslog`	General system logs
`/var/log/auth.log`	Authentication logs
`/var/log/kern.log`	Kernel logs
`/var/log/dmesg`	Boot and hardware logs

View Log Files¶

cat /var/log/syslog

less /var/log/auth.log

Explanation

cat → prints full content
less → scrollable view (recommended for large logs)

Important Note¶

Kernel logs (kern.log) contain sensitive system-level information
Should be handled carefully

shred — Secure File Deletion¶

Description¶

shred is used to permanently delete files by overwriting their content, making recovery difficult.

Syntax¶

shred -vfuz filename

Options Explained¶

-v → verbose (shows progress)
-f → force overwrite (change permissions if needed)
-u → delete file after overwriting
-z → overwrite with zeros at the end

Example¶

shred -vfuz secret.txt

Explanation

Overwrites file multiple times
Deletes file securely
Prevents data recovery

Clearing Bash History¶

Bash History File¶

Each user has a history file:

~/.bash_history

Edit History¶

nano ~/.bash_history

Explanation

Allows manual editing of command history

Clear History Completely¶

> ~/.bash_history

Explanation

Redirects empty output to file
Clears all stored commands

Clear Current Session History¶

history -c

Explanation

Clears history from current shell session

Practical Examples¶

View Authentication Logs¶

less /var/log/auth.log

Securely Delete Sensitive File¶

shred -vfuz passwords.txt

Clear Bash History¶

history -c
> ~/.bash_history

Important Notes¶

Logs are critical for forensics and troubleshooting
Do not delete logs unless necessary
shred is more secure than rm
Clearing history may be restricted in monitored environments
Some filesystems (like SSDs) may not guarantee complete shredding

Summary Table¶

Command	Purpose
`cd /var/log`	Access log directory
`cat`, `less`	View logs
`shred`	Secure file deletion
`.bash_history`	Command history file
`history -c`	Clear session history

Conclusion¶

Managing logs and securely handling files is essential for:

System monitoring
Data protection
Cybersecurity operations

Understanding these commands ensures better control over system activity and sensitive information in Linux environments.