If you're running frequent cron jobs (like every minute), you've probably noticed your /var/log/syslog getting flooded with entries like this:
Jun 25 00:56:01 myhostname /USR/SBIN/CRON[1144]: (root) CMD (php /path/to/script.php > /dev/null)
By default, cron logs every job execution to syslog through rsyslog. This is useful for auditing and debugging, but becomes problematic with high-frequency jobs. Even when you redirect output to /dev/null, the execution log remains.
The most elegant solution is to configure rsyslog to filter out specific cron messages. Create or modify /etc/rsyslog.d/50-default.conf:
# Stop logging cron job executions
:msg, contains, "/USR/SBIN/CRON" ~
Then restart rsyslog:
sudo systemctl restart rsyslog
You can also configure cron's logging verbosity in /etc/default/cron:
# Set cron logging to minimal
EXTRA_OPTS="-L 0"
Log levels available:
0- No logging1- Log start/end of jobs2- Log job executions (default)3- Debug level
If you're using systemd's journal, create /etc/systemd/journald.conf.d/no-cron.conf:
[Journal]
MaxLevelSyslog=warning
Then apply changes:
sudo systemctl restart systemd-journald
Before completely disabling cron logging:
- Consider keeping logs for security auditing
- For production systems, implement log rotation instead
- Test changes in a staging environment first
- Monitor disk space after changes
For systems where you need to keep logs but want to manage size, edit /etc/logrotate.d/rsyslog:
/var/log/syslog
{
rotate 7
daily
maxsize 100M
missingok
notifempty
delaycompress
compress
postrotate
/usr/lib/rsyslog/rsyslog-rotate
endscript
}
If you're running frequent cron jobs (especially those executing every minute), you'll notice your syslog getting flooded with entries like this:
Jun 25 00:56:01 myhostname /USR/SBIN/CRON[1144]: (root) CMD (php /path/to/script.php > /dev/null)
Even though we redirect script output to /dev/null, cron still logs the execution itself. For monitoring scripts that run every 60 seconds, this creates 1,440 identical log entries daily!
Cron logs through syslog using the cron facility. In Debian/Ubuntu systems, this is typically handled by rsyslog with configuration at:
/etc/rsyslog.d/50-default.conf
The relevant line usually looks like:
cron.* /var/log/cron.log
Option 1: Modify rsyslog Filtering
Edit the rsyslog configuration:
sudo nano /etc/rsyslog.d/50-default.conf
Change the cron line to filter out successful executions:
# Log all cron messages except successful executions
cron.*;cron.!info /var/log/cron.log
Then restart rsyslog:
sudo systemctl restart rsyslog
Option 2: Direct Cron Logs to Separate File
Create a dedicated cron log with rotation:
sudo nano /etc/rsyslog.d/30-cron.conf
Add these lines:
# Cron messages go to their own log
cron.* /var/log/cron.log
# Stop cron messages from going to syslog
& stop
Option 3: Disable Cron Logging Entirely
For extreme cases where you don't need any cron logging:
sudo nano /etc/rsyslog.d/10-cron.conf
Add this line:
cron.* ~
The tilde (~) means "discard these messages".
After making changes, check if they're working:
# Check rsyslog configuration
sudo rsyslogd -N1
# Watch syslog in real-time
sudo tail -f /var/log/syslog
# Check dedicated cron log if configured
sudo tail -f /var/log/cron.log
For modern systems, consider replacing cron with systemd timers:
# Create a service
sudo nano /etc/systemd/system/your-script.service
[Service]
ExecStart=/usr/bin/php /path/to/script.php
# Create a timer
sudo nano /etc/systemd/system/your-script.timer
[Timer]
OnCalendar=*:*:00
AccuracySec=1s
[Install]
WantedBy=timers.target
Then enable it:
sudo systemctl enable --now your-script.timer