Friday, February 17, 2012

Linux log file management (logrotate)

 A. Introduction to logrotate
As we repeatedly emphasized in advanced courses, as well as Linux operating systems, almost all of the log file
What kind of storage and management of its size and for what has been considered as very important.
 The answer is that logrotate utility can be said.
In other words, logrotate log files in the system can manage all of these logs, cut them (rotate),
Store, delete, compress, and send e-mail allows you to perform such tasks as the.
Concrete, for example, the Apache Web server that stores the history in the weblog file is access_log.
(Of course, the name and location of this file, how much time can be used interchangeably.)
This file is saved in a day capacity is enormous. (Of course, there are some visitors from the condition).
I even managed super wepseobeoman of Korea with a capacity of about 33MB per day will be saved.
Then about one month is 990MB, so you need about 1GB of some degree would be useful.
When I put these files on the partition assigned pailsiseutempul pretty soon thereafter (Filesystem Full) after two
The system can not be down.
In particular, such as Web hosting server on one server to multiple servers running the website very
That can be serious.

Furthermore, the server is not in the weprogeuman in advanced courses, as I explained the basics of Linux
Log file is over more than 10,010.
These log files to the appropriate size cut (rotate), by compressing, archiving, or deleting tasks, such as
Will be required periodically.

logrotate cron periodically by this brilliantly played this work produces.
The role of logrotate need right here and you can see that there is one of the main reasons why logrotate was developed.
Two. Configure logrotate file
Most of the Linux logrotate installed by default as the package is installed as.
logrotate daemon and configuration files are as follows.
Nine minutes
Where and how to run
Daemon (location)
/ Usr / sbin / logrotate
The location of the daemon and the daemon program
Daemon configuration file
/ Etc / logrotate.conf
Configuration file
Set the directory
/ Etc / logrotate.d
applied to the various log files logrotate to keep the directory
Situation, the file
/ Var / lib / logrotate.status
a job history files stored logrotate
cron (daily)
/ Etc / cron.daily / logrotate
logrotate is run periodically by cron daily, so be run as a becomes
First, / usr / sbin / logrotate logrotate daemon is a program that. by crond is a program that runs periodically.
/ Etc / logrotate.conf files logrotate runs as a separate log file for loading the throat of this file by setting a cut or (rotate), deleted, or will be extracted.
/ Etc / logrotate.d file, the log file for each individual configuration files and directories that exist, apply additional settings for log files is that here. For example, if you chose to install tripwire for a security check log files of the program will exist. Thus, for the management of the log file name in the appropriate directory, create a file with the settings that you want, you doegekkeum is managed by logrotate.
Finally, the / etc / cron.daily / logrotate logrotate file to be run periodically and will be placed in the cron.
In other words, this setting causes the logrotate cron once a day, which can be run periodically. 
Three. installations and upgrades and removal of logrotate
Logrotate is installed on your system before, let's check the version of the rpm package.
How to check are as follows:

In the example above, that are currently installed on your system's package logrotate logrotate-3.5.2-1 version that can be seen.

Now, using the information obtained so logrotate, let's look at the package configuration.
How to check are as follows:
Juguseong logrotate files and directories in the example above the
  • / Etc / cron.daily / logrotate
  • / Etc / logrotate.conf
  • / Etc / logrotate.d
  • / Usr / sbin / logrotate
For a description of these files has been covered already in Section 2 will be omitted.

Finally, reinstall the rpm logrotate and let's look at how to upgrade.
How to reinstall or upgrade rpm, the example above, give the package name followed by _Uvh option is

About the configuration file for logrotate over looked.
Four. logrotate.conf sample
of logrotate configuration directory / etc / logrotate.d / syslog file in the files found are part of several.
Of course, these settings / etc / logrotate.conf even within a file can get the same results.
The above settings are described as follows.
/ Var / log / messages  
log file destination, ie, logrotate programs work by the absolute path specified in the log file will haedun.
And then the "{" from "}," Until the log file is set for the individual.
target log file (/ var / log / messages) is a cycle to cycle, monthly cycle, so once a month, this file (rotate) will be.
cycle Note that you'll be explained later, the daily, weekly, monthly, etc. are . For a description of this will be covered in detail later.
cycle (rotate) the file is compressed by gzip. Compression is the opposite of the options nocompress is not.
(cant know, is circulating in the newly created log files are stored and not compressed.)
rotate 2 
specifies the number of files that are circulating. Will start from zero because of the example above, specifies monthly log files are stored will be able two months.
has been circulating for a specified number of log files that are passing through the mail is sent to the specified email address.
If you do not want to send mail if that is nomail.
of the specified log file for logrotate task when an error occurs during the specified mail address will be sent an email to.
postrotate / endscript
logrotate working on it at the end of the specified log file after I have set up operations will be run.
Most work in this part are set to rotate the log files, restart the daemon operation that is
working to reverse that, logrotate If there is work to be executed before work
postrotate / endscript instead prerotate / endscript to be used.

Four. The main options logrotate
 (Note: "man logrotate" If you look logrotate option for very many. Below introduce offering options frequently used options, or my opinion, as seen think it's important that the options I've described it, so other than for options If you want to know Please refer to the man page.)

-F, - force   

force circulates. This option adds a new item after the circular log file, or already deleted the old log file is created, a new log file if logging continues, and is a useful option.

-S, - state
Wave falls on the basic situation / var / lib / logrotate.status file instead of the specified state file is used.

- Usage
simply shows the basic use of logrotate.

Circular log file is compressed with gzip. nocompress opposed.

Circulation of the log file does not extract. Compress the opposite

create mode owner group
Are rotated in the file permissions of the log file is generated (mode) and the owner (owner), and the group owner (group) is specified.
(eg, create root 600 wheel)

Cycle circulates daily log file.

Circulates log files weekly intervals.

Period of one month to the log file circulates.

address errors
If an error occurs during logrotate task given is to send mail to e-mail address.

extension ext
The files generated after running logrotate rotated and attached to the extension after the name of the extension shall specify the person.
you compress with gzip compression as an option if the camera is gz extension is attached behind.
For example, the option to compress with "extension ext" If given the option file that is generated after running logrotate messages.0.ext.gz and you'll have the same look and feel

Even if the log file is empty rotate (circular) and will be. This is the default.

ifempty as opposed to the log file is empty, if you do not cycle.

mail address
After the old log files logrotate work with the specified email address sends mail. (In certain cases, you can not send the log file.)

postrotate / endscript
Since the action specified in logrotate task (script) is run.

prerotate / endscript
logrotate task previously assigned task (script) is run.

 rotate count
logrotate file that is circulating the results of running Let's understand that the total number of. 
ie, logrotate result of the deletion or mailed to the address specified mechanism to understand the total number of files that are 
set to rotate 0 after the previous file with the circulation deleted and discarded.

size size
The results of logrotate rotated the resulting file size should not exceed a specified size.
on how to specify the 100k, 100M, etc. If you specify capacity units are attaching. (Ie, the file size stated capacity is exceeded, rotate).
Based on the above information was to create some logrotate. Of course, confirmed by the results.


/ Var / log / ejabberd / *. Log {
    Rotate 30


/ Var / log / pure-ftpd.log { 
    Rotate 30