Overview
All the services or applications deployed on the system,
generates event log’s in a file for each action that is performed on the system
/ application / user. Over a period of time it becomes a tedious task to manage
such log files and grows in humongous sizes and the application performance
would deteriorate periodically.
To mitigate such issues and maintain log files we utilize “logrotate” which is designed to ease
administration. It takes care of automatic log file rotation, compression,
removal and mailing of log files.
It can be configured to maintain logs file on daily, weekly
monthly or when the size of the file is grown to a specific size.
Ideally, logrotate is run as a cron job. To test or run
manually you can run command “logrotate”
with “-f” parameter along with the
configuration file.
Applies To
Tested on RHEL 7, CentOS 7, though it can be configured on
most of the *nix flavor of OS.
Pre-Requisites
·
logrotate
Installation
In order to install the package, check if the package is installed, else install it the package.
Check Package
Check if the logrotate package is installed, run the command;
rpm -qa | grep logrotate
Install Package
Install the logrotate package, run the command;
yum install logrotate -y
Verify Package
To verify the logrotate package is installed, run the
command;
rpm -qa | grep logrotate
Configuration Files / Location
By default, when the logrotate is installed. All the Configuration
files “/etc/logrotate.conf” that are
configured.
/etc/logrotate.conf
|
Default configuration file
|
/etc/logrotate.d/
|
Default directory for different service or application configuration
file location
|
Logrotate – Configuration File
Default configuration file is configured as below. To display
current configuration without comments, run command;
grep -v "#" /etc/logrotate.conf
weekly
rotate 4
create
dateext
include /etc/logrotate.d
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
Logrotate – Configuration Directory to Include
ls -l
Logrotate – httpd Script
A sample script, which show as to how to configure log
rotation for “/var/log/httpd/” location for all “*.log” which is filtered files.
Httpd – Rotation Script
/var/log/httpd/*log {
missingok
notifempty
sharedscripts
delaycompress
postrotate
/bin/systemctl reload
httpd.service > /dev/null 2>/dev/null || true
endscript
}
logrotate – Run Status
To validate the logrotate run status for each configuration
file and know the status of each one of them, run the command; It will list run
time for each config file.
cat /var/lib/logrotate.status
logrotate Manually
To run manually logrotate run the command below for specific
configuration file.
logrotate -f
/etc/logrotate.d/tomcat
logrotate Manually - Verbose
To verbose logrotate run the command below;
logrotate -v -f
/etc/logrotate.d/tomcat
logrotate Manually – Debug
To debug logrotate and redirect the logs to a file, run the
command below;
logrotate -d /etc/logrotate.conf
2> /tmp/logrotate.debug
logrotate Manually – All Configs
To rotate all the logs and in verbose mode, run the command
below;
logrotate -f -v
/etc/logrotate.conf
logrotate – Custom Application Log
To configure logrotate for a custom application. Create a
new config file and configure the options for log rotation in the folder “/etc/logrotate.d/”. We will be rotating
a specific file “catalina.out” only.
Set options for the log rotation accordingly.
vi /etc/logrotate.d/tomcat
Tomcat – Rotation Script – One Log File
/usr/local/apache-tomcat-6.0.20/logs/catalina.out {
copytruncate
daily
dateext
rotate 30
size 100M
notifempty
missingok
compress
postrotate
/usr/bin/MoveOldLogs.sh || true
endscript
}
logrotate – Custom Application Multiple Filters
To configure logrotate for a custom application. Create a
new configuration file and configure the options for log rotation in the folder
“/etc/logrotate.d/”.
We will be rotating a specific file “catalina.out” only. Another path wherein we will configure to
rotate filter files “*.log” for the paths.
Similarly we can configure for different paths.
File Type #1
|
/usr/local/apache-tomcat-6.0.20/logs/catalina.out
|
File Type #2
|
/usr/local/apache-tomcat-6.0.20/logs/*.log
|
logrotate -v -f /etc/logrotate.d/tomcat
Tomcat – Rotation Script – Multiple Filters
/usr/local/apache-tomcat-6.0.20/logs/catalina.out /usr/local/apache-tomcat-6.0.20/logs/*.log {
copytruncate
daily
dateext
rotate 30
size 100M
notifempty
missingok
compress
postrotate
/usr/bin/MoveOldLogs.sh || true
endscript
}
Configurable Options
A lot of other configurable options and with its function.
Options
|
Function
|
compress
|
To compress the rotated log file with gzip
|
nocompress
|
Compression is disabled
|
copytruncate
|
When processes are still writing information to open
log files. It will copy the active log file to a backup file and truncates
the active log file
|
nocopytruncate
|
Will copy the log files to backup
file, but the open log file will not be truncated
|
create mode owner group
|
rotates the log file and creates a new log file with the specified permissions, owner, and
group.
The default
is to use the same mode, owner, and group as the original file
|
nocreate
|
prevents the creation of a new log file creation
|
delaycompress
|
It’s used with the compress option is set,
then rotated log file is not compressed until the next time it is cycled
|
nodelaycompress
|
overrides delaycompress. The log file is compressed when it is
cycled
|
errors address
|
If logrotate encounters errors to an email
address
|
ifempty
|
Log file is rotated even if it
is empty. It’s the default setting
|
notifempty
|
Does not rotate the log file, if it is empty file or
zero byte file
|
mail address
|
This mails log files that are cycled to an address. When mail log
files are cycled, they are effectively removed from the system
|
nomail
|
When mail log files are cycled, a copy is not mailed
|
olddir directory
|
With this, cycled log files are kept in the specified directory. This
directory must be on the same filesystem as the current log files
|
noolddir
|
Cycled log files are kept in the same directory as
the current log files
|
prerotate/endscript
|
Before rotation run. The prerotate
and endscript invoke
task or script, check script below.
|
postrotate/endscript
|
After rotation run. The postrotate and endscript
invoke task or script, check script below.
|
daily
|
To rotate log files daily
|
weekly
|
To rotate log files weekly
|
monthly
|
To rotate log files monthly
|
rotate count
|
Specifies the number of times to rotate a file
before it is deleted. 0 (zero) means
no copies are retained. In case you set it as 7, seven copies are retained.
|
tabootext [+] list
|
directs logrotate to not rotate files with the specified extension.
The default list of extensions is .rpm-orig, .rpmsave, v, and ~.
|
size size
|
With this, the log file is rotated when the
specified size is reached. Size may be specified in bytes (default),
kilobytes (sizek), or megabytes (sizem).
|
Shell Script - MoveOldLogs.sh
#!/bin/bash
LogPath=/usr/local/apache-tomcat-6.0.20/logs/
LogFileName=catalina.out
LogDate=$(date
+"%m%d%Y")
MoveFileName=${LogPath}${LogFileName}
DestPath=/var/log/archive-logs/apache-tomcat/
#
# Create Destination path if it doesn't
exists
#
if [ ! -d
${DestPath} ]; then
mkdir -p ${DestPath}
fi
#
# Move the file to a archive folder
#
mv
${MoveFileName} ${DestPath}${LogFileName}.${LogDate}
gzip
${DestPath}/${LogFileName}.${LogDate}
exit
PostRotate - Option
Invoke command / task between postrotate and endscript tags.
postrotate
/bin/systemctl reload httpd.service > /dev/null
2>/dev/null || true
endscript
SlideShare Information
A step by step guide with screenshot is uploaded.
No comments:
Post a Comment