The command achieve in Linux: automatic log management

Posted onbyBlockmyIP| Category:Linux terminal commands

Introduction

On any Linux server, processes and applications continuously generate log files. Without an appropriate strategy, these files can grow without control, consuming disk space and making it difficult to debug. The commandlogrotateoffers an automatic solution to rotate, compress and remove these login according to defined policies.

What's a hit?

logotate is a utility that is typically run by cron daily. Read your configuration file and apply rules to each specified registry file, creating rotated versions (e.g.,access.log.1, access.log.2.gz) and eliminating the oldest ones according to the number of rotations or seniority.

How it works to achieve

The cron demon calls on/usr/sbin/logrotatewith the configuration file/etc/logrotate.confand additional files inside/etc/logrotate.d/. Each configuration block defines:

  • The log files to affect (can be used comandines).
  • The frequency of rotation (daily, weekly, monthly).
  • The number of rotations to be retained.
  • Additional actions such as compression, removal of old files, execution of scripts before or after rotation.

Main Configuration File

The file/etc/logrotate.confcontains global options that are inherited unless overwritten in specific blocks. Some common directives are:

  • weekly- weekly rotation.
  • rotate 4- keep four rotated copies.
  • create 0640 root adm- create a new registration file after rotation with the required permissions and owner.
  • compress- compress the rotated files with gzip.
  • delaycompress- postpone the compression to the second rotation cycle (useful when some process still needs to write in the recent file).
  • dateext- add a date to the name of the rotated file instead of a simple number.
  • dateformat .%Y-%m-%d- define the format of the added date when useddateext.

Service configuration blocks

In the directory/etc/logrotate.d/individual files are found for each application. For example, the filenginxmay contain:

/ var / log / nginx /*.log {
daily
missingok
rotate 14
compress
delaycompressor
notifempty
create 0640 www-data adm
sharescripts
bentotate
/ usr / sbin / invoke-rc.d nginx rotate > / dev / null 2 > & 1
endscript
}

Example of configuration for Apache based on size

In addition to time rotation, you can rotate when a file exceeds a given size using the directivesize. This is useful for applications that generate sporadic but voluminous login.

/ var / log / apache2 /*log {
size 100M
rotate 5
compress
create 0640 root adm
sharescripts
bentotate
/ usr / sbin / invoke-rc.d apache2 relaad > / dev / null 2 > & 1
endscript
}

In this example, every time any log file in the directory exceeds 100 megabytes, it will be rotated, compressed and maintained the five most recent copies.

Advanced directives

  • size- defines the maximum size before rotating (e.g.100M, 1G).
  • dateext- add a date to the name of the rotated file.
  • dateformat .%Y-%m-%d-%s- customizes the format of the date.
  • olddir /var/log/archive- move the rotated logs to a different directory.
  • prerotateandpostrotate- scripts that run before and after rotation.
  • sharedscripts- ensures that scripts run only once when several files match the pattern.
  • mail direccion@dominio.com- mail the rotated file before deleting it (requires that an MTA is configured).

Test and debugging

To test the configuration without applying real changes, use:

achieve -d / etc / achieve. conf

The option-d(debug) shows what you would do without touching the files. To force immediate rotation, use:

achieve -f / etc / achieve. conf

If you need to see which files would be affected in a real execution but without changing the status, combine-dwith-v(verbose) for more detail.

In case of problems, check the log file permissions and make sure that the user under which cron is run (usuallyroot) have permission to read, write and create in the specified directories. Also examine the cron logs in/var/log/syslogor/var/log/cronto see if the task was executed.

Good practices

  • Keep the configuration files as simple as possible; avoid duplicating directives that are already defined globally.
  • Usesharedscriptswhen several log files share the same prostotation script.
  • If its application needs to explicitly point to rotation (e.g. bykill -USR1), place that order inside the blockpostrotate.
  • Monitor disk use with tools likedforduto ensure that the retention policy is adequate.
  • Document any changes to the configuration and review it regularly, especially after software updates that can change the location of the login.
  • Consider usingolddirto separate rotated log from assets, facilitating backup and historical search.

Conclusion

logotate is an essential tool for any Linux system manager. Its declarative configuration allows you to automate log management, avoiding uncontrolled file growth and facilitating audit and problem resolution. With the concepts and examples presented, you are ready to implement an efficient and secure log rotation strategy in your environment.

This work is under aCreative Commons License Attribution 4.0 International for Francesc Roig francesc @ vivaldi.net.

EnglishenEnglishEnglish
SpanishesSpanishEspañolEnglishenEnglishEnglish