Subject: Working example -- Automatically
Author: AwsEC2
In response to: Working example -- Manually
Posted on: 09/07/2012 02:36:40 AM
The above log file rotation can be done automatically by system cron. Following are the key files that you should be aware of for logrotate to work properly.
Key file #1). /usr/sbin/logrotate The logrotate command itself.
Key file #2). /etc/cron.daily/logrotate The shell script executes the logrotate command daily.
The content should look like this:
$ cat /etc/cron.daily/logrotate
#!/bin/sh
/usr/sbin/logrotate /etc/logrotate.conf
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
/usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit 0
Log rotation configuration for all the log files are specified in this file.
The content should look like this:
$ cat /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
dateext
# uncomment this if you want your log files compressed
#compress
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}
# system-specific logs may be also be configured here.
A folder to hold individual program's log rotation configuration.
For example, an Apache's vHost
example1.com
$ cat /etc/logrotate.d/example1.com.rotate
'/home/ec2-user/example1.com/access_log' {
nomail
missingok
notifempty
compress
nosharedscripts
weekly
copytruncate
}
'/home/ec2-user/example1.com/error_log' {
nomail
missingok
notifempty
compress
nosharedscripts
weekly
copytruncate
}
and Apache httpd itself:
$ cat /etc/logrotate.d/httpd
/var/log/httpd/*log {
missingok
notifempty
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true
endscript
}
If you have Tomcat running to serve the dynamic content, you may want to put your Tomcat's rotation configuration file here as well.
$ cat /etc/logrotate.d/tomcat5
/var/log/tomcat5/*.txt {
copytruncate
weekly
rotate 52
compress
missingok
}
/var/log/tomcat5/catalina.out {
copytruncate
weekly
rotate 52
compress
missingok
}
>
> On 09/06/2012 08:12:58 PM
AwsEC2 wrote:
Let's demo the utility with an example.
Step 1) Log file before rotation
The file which is about to be rotated is /home/ec2-user/example1.com/access_log which has the info as the following:
$ cd /home/ec2-user/example1.com
$ ls -l access_log
-rw-r--r-- 1 root root 173608 Sep 4 22:43 access_log
Step 2) Configuring how to rotate it
If you want to rotate the above log file for every 1KB, create the logrotate.conf as shown below.
$ vi my_logrotate.conf
/home/ec2-user/example1.com/access_log {
size 1k
create 644 root root
rotate 3
}
This logrotate configuration has following three options:
size 1k logrotate runs only if the filesize is equal to (or greater than) this size.
create rotate the original file and create the new file with specified permission, user and group.
rotate limits the number of log file rotation. So, this would keep only the recent 3 rotated log files.
Step 3) Manually run the utility tool
$ sudo logrotate my_logrotate.conf
Step 4) Log files after rotation
After the logrotation, following is the size of access_log
$ ls -l access_log*
-rw-r--r-- 1 root root 0 Sep 7 00:04 access_log
-rw-r--r-- 1 root root 173608 Sep 4 22:43 access_log.1
Note: After rotation, the running instance, Apache httpd, is holding the file descriptor pointing to access_log.1, rather than access_log. This can be verified by witnessing the growth of access_log.1. That's why you have to restart your instance after rotation for most cases. The alternative is to use copytruncate rather than create.
$ vi my_logrotate.conf
/home/ec2-user/example1.com/access_log {
size 1k
# create 644 root root
copytruncate
rotate 3
}
References:
