Moving along with lesson 18 of the Linux Up Skill Challenge. This lesson is titled “Log rotation” which will be great to touch on Linux logs as they are not something I have very much experience with.
The lesson starts with talking about logrotate and how helpful it can be with managing and automating your logs. That sounds wonderful to me! The lesson has me check the logs on my server and see that they are already being rotated:
david@linux-up-skill:~# ls /var/log/
alternatives.log dmesg.1.gz syslog
alternatives.log.1 dmesg.2.gz syslog.1
alternatives.log.2.gz dpkg.log syslog.2.gz
apache2 dpkg.log.1 syslog.3.gz
apt dpkg.log.2.gz syslog.4.gz
auth.log faillog syslog.5.gz
auth.log.1 installer syslog.6.gz
auth.log.2.gz journal syslog.7.gz
auth.log.3.gz kern.log ubuntu-advantage.log
auth.log.4.gz kern.log.1 ubuntu-advantage-timer.log
bootstrap.log kern.log.2.gz ubuntu-advantage-timer.log.1
btmp kern.log.3.gz ubuntu-advantage-timer.log.2.gz
btmp.1 kern.log.4.gz ufw.log
cloud-init.log landscape ufw.log.1
cloud-init-output.log lastlog ufw.log.2.gz
dist-upgrade netserver.debug_1905 ufw.log.3.gz
dmesg netserver.debug_824 unattended-upgrades
dmesg.0 private wtmp
david@linux-up-skill:~# ls /var/log/apache2/
access.log error.log.11.gz error.log.3.gz error.log.8.gz
access.log.1 error.log.12.gz error.log.4.gz error.log.9.gz
error.log error.log.13.gz error.log.5.gz other_vhosts_access.log
error.log.1 error.log.14.gz error.log.6.gz
error.log.10.gz error.log.2.gz error.log.7.gz
Fantastic. But when is this being done? How do you configure this? The lesson has me covered as it wants me to check on my cron scripts to find one for logrotate. OK. If I go to /etc/cron.daily I can in fact see the logrotate script there. When I look at the script I can see it is pointing to /etc/logrotate.conf for the actual configuration. If I read this file I can see logs are being rotated weekly and 4 weeks worth of logs are stored. I also see that packages log rotation information is stored in /etc/logrotate.d.
Looking in this folder I see a number of files. The lesson has me look at apache2:
/var/log/apache2/*.log {
daily
missingok
rotate 14
compress
delaycompress
notifempty
create 640 root adm
sharedscripts
postrotate
if invoke-rc.d apache2 status > /dev/null 2>&1; then \
invoke-rc.d apache2 reload > /dev/null 2>&1; \
fi;
endscript
prerotate
if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
run-parts /etc/logrotate.d/httpd-prerotate; \
fi; \
endscript
}This is pretty straight forward to read and understand. The lesson ends by having me make some changes to the apache2 configuration. I end up leaving the rotation set to daily but change it to save 52 copies. The lesson gives a few links which I am going to add here for my reference into the future. The Ultimate Logrotate Command Tutorial. Use logrotate to Manage Log Files.
