Apache server log size and log rotate configuration
January 18th, 2011 | 
Author: Log rotation is a crucial issue.
Both RHEL and Suse include logrotate and it is preconfigured for basic log-rotation. If you have some logs under /var/log that are suffixed with a dot and a number (/var/log/daemon.log.1) or even compressed (/var/log/mysql.log.5.gz), it means they were rotated by logrotate.
Logrotate needs a simple configuration file to help it manage the logs. The options used in the logrotate.conf file are documented in the manpage for logrotate. Many options are available, including options to to configure rotation to take place only after the logfile reaches a certain size, to have old logfiles e-mailed to you, and to compress saved logfiles to reduce storage requirements.
You can have multiple configuration files, one for every log, or maintain multiple logs through one configuration file.
In my red hat enterprise linux 5 server the log rotation config is in /etc/logrotate.conf.
Lets take a closer look at the configuration file, into which I have added some comments for a better understanding:
[root@zaguan conf]# cat /etc/logrotate.conf # see "man logrotate" for details # rotate log files weekly weekly # keep 4 weeks worth of backlogs # this is, 4 weeks will pass before the logs are rotated rotate 4 # create new (empty) log files after rotating old ones create # uncomment this if you want your log files compressed #compress # RPM packages drop log rotation information into this directory # the files in this directory are included and their config overrides # this (default) config include /etc/logrotate.d # no packages own wtmp -- we'll rotate them here /var/log/wtmp { monthly minsize 1M create 0664 root utmp rotate 1 } # system-specific logs may be also be configured here.
Lets see what is in /etc/logrotate.d:
[root@ logrotate.d]# ls -l /etc/logrotate.d total 140 -rw-r--r-- 1 root root 144 Dec 17 2009 acpid -rw-r--r-- 1 root root 288 Jun 28 2007 conman -rw-r--r-- 1 root root 71 Oct 26 12:21 cups -rw-r--r-- 1 root root 824 Jan 18 09:18 httpd -rw-r--r-- 1 root root 167 Feb 6 2009 httpd.old -rw-r--r-- 1 root root 61 Mar 28 2010 kdm -rw-r--r-- 1 root root 61 Aug 14 2008 kdm.rpmnew -rw-r--r-- 1 root root 571 Aug 21 2006 mgetty -rw-r--r-- 1 root root 136 Aug 12 2008 ppp -rw-r--r-- 1 root root 442 Jul 16 2008 psacct -rw-r--r-- 1 root root 61 Aug 30 15:31 rpm -rw-r--r-- 1 root root 121 May 21 2009 setroubleshoot -rw-r--r-- 1 root root 154 Apr 28 2010 snmpd -rw-r--r-- 1 root root 543 Feb 16 2010 squid -rw-r--r-- 1 root root 306 Jan 5 2010 syslog -rw-r--r-- 1 root root 48 Aug 23 2006 tux -rw-r--r-- 1 root root 32 Mar 24 2010 up2date -rw-r--r-- 1 root root 188 Apr 8 2010 vsftpd.log -rw-r--r-- 1 root root 100 Dec 15 2009 wpa_supplicant -rw-r--r-- 1 root root 100 Oct 26 23:22 yum
There are a lot of programs which have overriden the default logrotate configuration. For instance, lets take a closer look at /etc/logrotate.d/httpd:
[root@zaguan logrotate.d]# more httpd /soft/cds-invenio/var/log/apache.err { #rotate 8 times before deleting the log rotate 8 # rotate monthly monthly missingok notifempty sharedscripts postrotate /usr/sbin/apachectl graceful > /dev/null endscript } /soft/cds-invenio/var/log/apache.log { rotate 16 # rotate when the file size is 10MB or larger size 10M # ---------------------- missingok notifempty sharedscripts postrotate /usr/sbin/apachectl graceful > /dev/null endscript }
On RHEL5, logrotate is run from a daily job directory /etc/cron.daily/logrotate:
[root]# more /etc/cron.daily/logrotate #!/bin/sh /usr/sbin/logrotate /etc/logrotate.conf EXITVALUE=$? if [ $EXITVALUE != 0 ]; then /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]" fi exit 0
You can read all configuration options of logrotate:
man logrotateOr refer to this manual for further details.
Note: spanish readers might find this link useful
Related posts:
- CDS Invenio: replicate software in another server (development server)
- [SOLVED] Apache: ‘[error] [client ::XXX] File does not exist:’
- VMWare ESX Server & Infraestructure Client
- Apache case sensitive to case insensitive and Alias [SOLVED]
- Instalación y configuración vufind en RedHat EL5 + Apache 2.2.16 + PHP 5.2.14
Posted in 
Tags: