4 069
contributi
Old:Configurare un server Syslog su Debian: differenze tra le versioni
Old:Configurare un server Syslog su Debian (visualizza wikitesto)
Versione delle 10:19, 14 set 2008
, 14 set 2008→Configurazione di logrotate
| Riga 55: | Riga 55: | ||
# apt-get install logrotate | # apt-get install logrotate | ||
</pre> | </pre> | ||
A titolo di esempio possiamo osservare la directory del web server Apache2 su un sistema in cui logrotate è in funzione, <tt>/var/log/apache2</tt> | |||
<pre> | |||
root@test:~# ls -1 /var/log/apache2/ | |||
access.log | |||
access.log.1 | |||
access.log.2.gz | |||
access.log.3.gz | |||
access.log.4.gz | |||
access.log.5.gz | |||
error.log | |||
error.log.1 | |||
error.log.2.gz | |||
error.log.3.gz | |||
error.log.4.gz | |||
error.log.5.gz | |||
</pre> | |||
Si possono notare i files di log attualmente in uso ('''access.log''' e '''error.log'''), i files di log del giorno precedente ('''access.log.1''' e '''error.log.1''') e i files dei giorni ancora precedenti, che di default vengono compressi e conservati per cinque settimane. | |||
Logrotate files can be scheduled using cron.In /etc we have one folder called | |||
/etc/cron.daily which contains scripts which are executed once per day. Here you will find the logrotate driver script. | |||
Every day this script runs and examines two things: | |||
* The configuration file /etc/logrotate.conf | |||
* The configuration directory /etc/logrotate.d | |||
This directory contains configuration files which other packages have installed. For example if you install apache2 the file /etc/logrotate.d/apache2 will be installed. | |||
Many servers such as Postfix the mailserver will install their own configuration file, and you can add your own. | |||
A typical logrotate configuration file looks like this: | |||
/var/log/apache2/*.log { | |||
weekly | |||
missingok | |||
rotate 52 | |||
compress | |||
delaycompress | |||
notifempty | |||
create 640 root adm | |||
sharedscripts | |||
postrotate | |||
if [ -f /var/run/apache.pid ]; then | |||
/etc/init.d/apache restart > /dev/null | |||
fi | |||
endscript | |||
} | |||
You can see several important things here. The most obvious is the list of files that will be matched by this configuration file: | |||
/var/log/apache2/*.log { | |||
... | |||
} | |||
After this we have a collection of configuration terms, a different one on each line. In the example above we have: | |||
* weekly | |||
o The files should be rotated every week. Opposite: daily | |||
* rotate nn | |||
o We should keep no more than nn files. | |||
* compress | |||
o Compress older files with gzip. Opposite: nocompress | |||
* delaycompress | |||
o Don't compress yesterdays files. Opposite: compress | |||
* notifempty | |||
o Don't do any rotation if the logfile is empty. Opposite: ifempty | |||
* create xx user group | |||
o If we have to create the new file give it the given mode, owner, and group. | |||
* sharedscripts | |||
o Run any given prerotate or postrotate script for each logfile individually. Opposite: nosharedscripts. | |||
* postrotate + endscript | |||
o Anything between these is executed after the rotation process. Opposite : prerotate | |||
The upshot of this script is that any file which matches /var/log/apache2/*.log is rotated every week, compressed, if it's non-empty. The new file is created with the file mode of 640, and after the rotation has finished the server is restarted. | |||
If we wish to install a local service which creates a logfile we can cause it to be rotated very easily, just by adding a new logrotate configuration file. | |||
Assuming we have a new service "web" which produces its output in /var/log/web/output.log we can cause this to be rotated every day with a script like this: | |||
/var/log/web/*.log { | |||
daily | |||
missingok | |||
rotate 7 | |||
compress | |||
delaycompress | |||
create 640 web web | |||
sharedscripts | |||
/etc/init.d/web restart | |||
endscript | |||
} | |||
This will: | |||
* Run daily. | |||
* Keep no more than 7 days worth of logfiles at any one time. | |||
* Not complain if there is a logfile missing. | |||
* Compress the older files, but not yesterdays. | |||
* Create the new logfiles as being owned by the user and group fred. | |||
* Restart the service after rotating the logfiles. | |||
Default /etc/logrotate.conf file as follows | |||
# see "man logrotate" for details | |||
# rotate log files weekly | |||
weekly | |||
# keep 4 weeks worth of backlogs | |||
rotate 4 | |||
# create new (empty) log files after rotating old ones | |||
create | |||
# uncomment this if you want your log files compressed | |||
#compress | |||
# packages drop log rotation information into this directory | |||
include /etc/logrotate.d | |||
# no packages own wtmp, or btmp -- we'll rotate them here | |||
/var/log/wtmp { | |||
missingok | |||
monthly | |||
create 0664 root utmp | |||
rotate 1 | |||
} | |||
/var/log/btmp { | |||
missingok | |||
monthly | |||
create 0664 root utmp | |||
rotate 1 | |||
} | |||
# system-specific logs may be configured here | |||
===Configurazione dei client della rete=== | ===Configurazione dei client della rete=== | ||