When we manage servers and client computers in any type of place, one of the most practical and useful functions to use are the events that the system itself creates both its services and parameters as well as the installed applications and the tasks that each user executes. Eeto is useful for support, audit and control tasks. To manage this type of records or events in a much more comprehensive way, Linux integrates a tool called logrotate which allows automatic rotation, compression, deletion and sending of log files, thus facilitating administrative tasks..
TechnoWikis will explain how to install and use logrotate on Linux.
What is logrotate
This is a tool created with the objective of being able to manage systems in a natural way, creating large amounts of log files. Logrotate, therefore, allows you to automatically rotate, compress, delete and send log files. The best thing is its versatility since each log file can be handled periodically or as it grows. By default, logrotate runs as a daily cron job, which prevents a record from being modified several times a day unless a criterion is indicated for that record based on the size of this record and thus logrotate must be executed several times every day, or unless the -fo --force option is used.
Any number of configuration files can be in the logrotate command line, but it is normal to use a single configuration file in which any other configuration file that needs to be analyzed is included. If no arguments are provided on the command line, logrotate will print the version and copyright information, along with a brief summary of its use..
Logrotate functionalities
By using logrotate it will be possible to execute tasks such as:
- Start a new log file on a schedule, such as daily, weekly or monthly.
- Compress old log files to save hard disk space.
- Trim old files so that you only keep a certain number of old records.
- Rename old log files with a date mark so you know where to look for older records.
- Execute commands before or after a set of records is rotated.
1. Install logrotate on Ubuntu Linux
Step 1
By default logrotate is preinstalled on the system, in this case Ubuntu 18, but if not, we can install it with the following command:
sudo apt install logrotate -y
Step 2
Once logrotate has been installed on Ubuntu 18, it will be possible to verify the version of logrotate using the following command:
sudo logrotate
2. Configure logrotate in Ubuntu Linux
Step 1
By default, the main logrotate configuration file is "logrotate.conf" which is located in the /etc/logrotate.conf directory. Other configuration files are available in /etc/logrotate.d, it will be possible to list them with the following command:
sudo ls /etc/logrotate.d
Step 2
We can see the contents of the main logrotate configuration file by executing any of the following options:
cat /etc/logrotate.conf nano /etc/logrotate.conf
Step 3
The most essential options in this file are:
Rotate log files once a week
Archive the records using the specific user (root) and group (syslog) to avoid problems with the associated permissions
Save four old versions of the file
Save the old file with a new name and create a new file
Compress log files to save space
This is done using gzip by default, but it is possible to specify another program if necessary.
compress
Ensure directory content is included
In this /etc/logrotate.d directory, there are files that specify how to handle some individual log files.
include
It does not generate an error if the main record is missing
Does not rotate the log file when it is empty
Step 4
By default, logrotate is run daily by running the shell script /etc/cron.daily/logrotate, we can make use of the Apache logrotation by running the following command:
sudo logrotate -d /etc/logrotate.d/apache2
Step 5
By default, logrotate runs as a daily cron job. Each file in /etc/logrotate.d is used to add additional configurations or to cancel the default configurations for specific files, in the folder the logrotate configuration of any installed package that needs registration rotation is also stored, we can execute the following to see said content:
ls -l /etc/logrotate.d
Step 6
Some of the parameters to use with logrotate are:
Activate debug mode
Activate debug mode and imply -v. In debug mode, no changes will be made to the records or the logrotate status file.
-d, --debug
Force rotation
Tell the logrotate to force the rotation, even if it is not necessary. and.
-f, --force
Command prompt
Tell logrotate what command to use when sending records by mail, when using this command you must accept two arguments: 1) the subject of the message and 2) the recipient. The command must read a message in the standard entry and send it by mail to the recipient. The default mail command is / bin / mail -s.
-m, --mail <command>
Alternate Status Indicator
Tell logrotate to use an alternate status file, the default status file is /var/lib/logrotate.status.
-s, --state <statefile>
Print a short usage message
Thus, we have seen how to use logrotate to manage and manage events in Ubuntu Linux in a practical way.