Configuring logrotate
by Uday R. Sawant, William Leemans, Jonathan Hobson, Oliver Pelz
Linux: Powerful Server Administration
- Linux: Powerful Server Administration
- Table of Contents
- Linux: Powerful Server Administration
- Linux: Powerful Server Administration
- Credits
- Preface
- 1. Module 1
- 1. Managing Users and Groups
- 2. Networking
- Introduction
- Connecting to a network with a static IP
- Installing the DHCP server
- Installing the DNS server
- Hiding behind the proxy with squid
- Being on time with NTP
- Discussing load balancing with HAProxy
- Tuning the TCP stack
- Troubleshooting network connectivity
- Securing remote access with OpenVPN
- Securing a network with uncomplicated firewall
- Securing against brute force attacks
- Discussing Ubuntu security best practices
- 3. Working with Web Servers
- Introduction
- Installing and configuring the Apache web server
- Serving dynamic contents with PHP
- Hosting multiple websites with a virtual domain
- Securing web traffic with HTTPS
- Installing Nginx with PHP_FPM
- Setting Nginx as a reverse proxy
- Load balancing with Nginx
- Setting HTTPs on Nginx
- Benchmarking and performance tuning of Apache
- Securing the web server
- Troubleshooting the web server
- 4. Working with Mail Servers
- 5. Handling Databases
- Introduction
- Installing relational databases with MySQL
- Storing and retrieving data with MySQL
- Importing and exporting bulk data
- Adding users and assigning access rights
- Installing web access for MySQL
- Setting backups
- Optimizing MySQL performance – queries
- Optimizing MySQL performance – configuration
- Creating MySQL replicas for scaling and high availability
- Troubleshooting MySQL
- Installing MongoDB
- Storing and retrieving data with MongoDB
- 6. Network Storage
- 7. Cloud Computing
- 8. Working with Containers
- Introduction
- Installing LXD, the Linux container daemon
- Deploying your first container with LXD
- Managing LXD containers
- Managing LXD containers – advanced options
- Setting resource limits on LXD containers
- Networking with LXD
- Installing Docker
- Starting and managing Docker containers
- Creating images with a Dockerfile
- Understanding Docker volumes
- Deploying WordPress using a Docker network
- Monitoring Docker containers
- Securing Docker containers
- 9. Streaming with Ampache
- 10. Communication Server with XMPP
- 11. Git Hosting
- Introduction
- Installing Git
- Creating a local repository with Git CLI
- Storing file revisions with Git commit
- Synchronizing the repository with a remote server
- Receiving updates with Git pull
- Creating repository clones
- Installing GitLab, your own Git hosting
- Adding users to the GitLab server
- Creating a repository with GitLab
- Automating common tasks with Git hooks
- 12. Collaboration Tools
- 13. Performance Monitoring
- 14. Centralized Authentication Service
- 2. Module 2
- 1. Installing CentOS
- Introduction
- Downloading CentOS and confirming the checksum on Windows or OS X
- Creating USB installation media on Windows or OS X
- Performing an installation of CentOS using the graphical installer
- Running a netinstall over HTTP
- Installing CentOS 7 using a kickstart file
- Getting started and customising the boot loader
- Troubleshooting the system in rescue mode
- Updating the installation and enhancing the minimal install with additional administration and development tools
- 2. Configuring the System
- Introduction
- Navigating text files with less
- Introduction to Vim
- Speaking the right language
- Synchronizing the system clock with NTP and the chrony suite
- Setting your hostname and resolving the network
- Building a static network connection
- Becoming a superuser
- Customizing your system banners and messages
- Priming the kernel
- 3. Managing the System
- Introduction
- Knowing and managing your background services
- Troubleshooting background services
- Tracking system resources with journald
- Configuring journald to make it persistent
- Managing users and their groups
- Scheduling tasks with cron
- Synchronizing files and doing more with rsync
- Maintaining backups and taking snapshots
- Monitoring important server infrastructure
- Taking control with GIT and Subversion
- 4. Managing Packages with YUM
- 5. Administering the Filesystem
- 6. Providing Security
- 7. Building a Network
- 8. Working with FTP
- 9. Working with Domains
- 10. Working with Databases
- 11. Providing Mail Services
- 12. Providing Web Services
- 13. Operating System-Level Virtualization
- 14. Working with SELinux
- 15. Monitoring IT Infrastructure
- 1. Installing CentOS
- 3. Module 3
- 1. Working with KVM Guests
- 2. Deploying RHEL "En Masse"
- 3. Configuring Your Network
- 4. Configuring Your New System
- 5. Using SELinux
- 6. Orchestrating with Ansible
- 7. Puppet Configuration Management
- 8. Yum and Repositories
- 9. Securing RHEL 7
- 10. Monitoring and Performance Tuning
- Bibliography
- Index
The logrotate tool allows you to rotate the logs that are generated by applications and scripts
It keeps your log directories clutter-free and minimizes disk usage when correctly configured.
The logrotate tool is installed by default, but I will include the installation instructions here for completeness. This recipe will show you how to rotate logs for rsyslog. We will rotate the logs everyday, add an extension based on the date, compress them with a one-day delay, and keep them for 365 days. Perform the following steps:
- First, to install
logrotate, perform the following command:~]# yum install -y logrotate - Ensure that it's enabled through the following:
~]# systemctl restart crond - Open
/etc/logrotate.d/syslogwith your favorite editor. The contents of this file are the following, by default:/var/log/cron /var/log/maillog /var/log/messages /var/log/secure /var/log/spooler { sharedscripts postrotate /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true endscript } - Now, replace this with the following code:
/var/log/cron /var/log/maillog /var/log/messages /var/log/secure /var/log/spooler { compress daily delaycompress dateext missingok rotate 365 sharedscripts postrotate /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true endscript } - Finally, save the file.
The logrotate tool is a script that is launched by cron everyday.
The directives added to the default logrotate definition are compress, daily, delaycompress, dateext, missingok, and rotate.
The compress directive compresses old versions of the log files with gzip. This behavior is somewhat changed by specifying delaycompress. This causes us to always have the most recently rotated log file available uncompressed.
The daily directive makes logrotate execute the definition every day. The rotate directive only keeps x rotated log files before deleting the oldest. In this case, we have specified this to be 365, which means that while rotating daily, the logs are kept for 365 days.
The missingok directive makes it alright for syslog to not create a file, which, however unlikely, is possible.
The dateext directive appends a date to the rotated file in the form of yyyymmdd instead of a number, which is the default.
The /etc/logrotate.conf file contains the defaults directives for all definitions. If you don't specifically use a directive within a definition for a file, the values in this file will be used if specified.
It would make sense to change the settings in this file so that all the definitions are affected, but this is not practical; not all log files are made equal. The syslog service generates a lot of messages, and it would probably clutter up your system before long. However, yum, for instance, doesn't generate a lot of messages, and it keeps this log file readable for much longer than your syslog files. This, by the way, is reflected in the definition for yum.
If you want to debug your new configuration, this can be achieved by executing the following to test just one configuration:
~# /usr/sbin/logrotate -v /etc/logrotate.d/<config file>
Alternatively, you can use the following to test everything:
~]# /usr/sbin/logrotate -v /etc/logrotate.conf
Here's an example:
~]# /usr/sbin/logrotate -v /etc/logrotate.d/syslog reading config file /etc/logrotate.d/syslog Handling 1 logs rotating pattern: /var/log/cron /var/log/maillog /var/log/messages /var/log/secure /var/log/spooler 1048576 bytes (no old logs will be kept) empty log files are rotated, old logs are removed considering log /var/log/cron log does not need rotating considering log /var/log/maillog log does not need rotating considering log /var/log/messages log does not need rotating considering log /var/log/secure log does not need rotating considering log /var/log/spooler log does not need rotating not running postrotate script, since no logs were rotated ~]#
-
No Comment