Tutorial on logrotate

Force Log Rotation :

logrotate /etc/logrotate.d/file_to_be_rotated

or

`logrotate -v -f /etc/logrotate.d/firewall           (v = verbose, f = force even if not required) ```

In order to rotate a log file you can add an entry to #/etc/logrotate.conf or you can create a custom separate file at /etc/logrotate.d/filename

Sample Entry for /etc/logrotate.conf

/var/log/yourlog.txt {

daily                                                   : Frequency

create 077 owner group           : owner group and permission for the rotated file

Size M                                   : Size in MB to start rotating.

minsize M                                        : Min Size in MB to rotate

rotate 7                                             : This means it will be rotated 7 times  before the oldest one is deleted.

}

Sample Entry for /etc/logrotate.d/httpd

/var/log/httpd/*.log { weekly rotate 52 compress missingok notifempty sharedscripts postrotate /bin/kill -HUP cat /var/run/httpd.pid 2>/dev/null 2> /dev/null || true endscript }

Where,

  • weekly : Log files are rotated if the current weekday is less then the weekday of the last rotation or if more then a week has passed since the last rotation.
  • rotate 52 : Log files are rotated 52 times before being removed or mailed to the address specified in a mail directive. If count is 0, old versions are removed rather then rotated.
  • compress : Old versions of log files are compressed with gzip to save disk space.
  • missingok : If the log file is missing, go on to the next one without issuing an error message.
  • notifempty : Do not rotate the log if it is empty
  • sharedscripts : Normally, prerotate and postrotate scripts are run for each log which is rotated, meaning that a single script may be run multiple times for log file entries which match multiple files. If sharedscript is specified, the scripts are only run once, no matter how many logs match the wildcarded pattern. However, if none of the logs in the pattern require rotating, the scripts will not be run at all.
  • postrotate
    /bin/kill -HUP cat /var/run/httpd.pid 2>/dev/null 2> /dev/null || true
    endscript : The lines between postrotate and endscript (both of which must appear on lines by themselves) are executed after the log file is rotated. These directives may only appear inside a log file definition.