Logrotate

From Gentoo Wiki
Jump to:navigation Jump to:search
This article is a stub. Please help out by expanding it - how to get started.
Resources

Logrotate is a tool to periodically rotate (archive), delete, and optionally compress and/or mail historic log files. Logrotate ships with, and is invoked by a /etc/cron.daily cron job.

USE flags

USE flags for app-admin/logrotate Rotates, compresses, and mails system logs

acl Installs acl support
cron Installs cron file
selinux Installs Security Enhanced Linux support
verify-sig Verify upstream signatures on distfiles

Installation

Emerge

root #emerge --ask app-admin/logrotate

Configuration

Files

Accelerating log rotation can be very useful to setting up log rotate. Initial purging of extremely large logs, getting familiar with day to day messages, cleaning up the system, and setting up intrusion prevention systems can benefit greatly from this. Daily log rotation encourages administrators to be proactive about security, and system health rather than reactive.

  • /etc/logrotate.conf - The daemon's configuration file.
  • /etc/logrotate.d - This directory contains all log rotate settings and directives.
FILE /etc/logrotate.conf
# rotate log files weekly
#weekly
daily

If choosing a different rotation, remember to move the /etc/cron.daily/logrotate script in the correct subdirectory, eg. under /etc/cron.weekly/ for a weekly rotation of logs.

Portage log example

If the PORT_LOGDIR variable is set in /etc/portage/make.conf build logs will need to be rotated. The first line of the configuration file should hold the path where logs are stored by Portage:

FILE /etc/logrotate.d/portage
/var/log/portage/*.log {
    su portage portage
    createolddir 755 portage portage
    rotate 1
    weekly
    nocreate
    missingok
    ifempty
    olddir /var/log/portage/old
    compress
}

To schedule removal of old logs add the line maxage N to the config file, where N is the number of days after which the log file will be deleted.

See also

  • Rsyslog — open source system for high performance log processing.
  • Sysklogd — utility that reads and logs messages to the system console, logs files, other machines and/or users as specified by its configuration file.
  • Syslog-ng — a powerful, highly configurable monitoring and logging daemon.