1) logrotate Configuration
The Logrotate program is a log file management tool. Used to delete the old log file and create a new log file, we call it "dump".
Depending on the size of the log file or the number of days we can dump it, this process is usually done through a cron program.
The Logrotate program can also be used to compress log files and send logs to the specified e-mail.
The logrotate configuration file is the/etc/logrotate.conf main parameter as follows:
Parameter function
Compress post-dump log after gzip compression
Nocompress when compression is not required, use this parameter
Copytruncate for log files that are still open, to back up and truncate the current log
Nocopytruncate backing up log files but not truncation
Create Mode owner group dump file, creating a new log file with the specified file mode
Nocreate do not create a new log file
When Delaycompress and compress are in use, the dump log file is compressed until the next dump
Nodelaycompress overrides the delaycompress option, the dump is compressed at the same time.
Errors error message sent to the specified email address when the address is stored
Ifempty even empty files are dumped, this is the default option for Logrotate.
Notifempty if it's an empty file, don't dump it.
Mail address sends dump log files to the specified e-mail addresses
Log file not sent when Nomail dump
Olddir directory dumps the log file into the specified directory and must be in the same file system as the current log file
Noolddir dump log file and current log file in the same directory
Prerotate/endscript commands that need to be executed before dumping can be placed in this pair, these two keywords must be taken separately
Postrotate/endscript commands that need to be executed after the dump can be placed in this pair, these two keywords must be taken separately
Daily Specify a dump cycle of daily
Weekly specify the dump cycle as weekly
Monthly specify a dump cycle of monthly
Rotate count Specifies the number of dumps before the log file was deleted, 0 means no backup, 5 means 5 backups reserved
Tabootext [+] list lets logrotate not dump files with the specified extension, the default extension is:. Rpm-orig,. Rpmsave, V, and ~
Size size is not dumped when the log file reaches the specified size, and size can specify bytes (default) and KB (Sizek) or MB (sizem).
2) Default configuration Logrotate
Logrotate The default configuration file is/etc/logrotate.conf
The file contents of the Red Hat Linux default installation are:
The default configuration is generally placed at the very beginning of the logrotate.conf file, affecting the entire system. In this case, the first 12 rows.
The third row weekly specifies that all log files are dumped once a week.
Line Five rotate 4 specifies a retention of 4 copies of the dump file.
Line seventh errors root specifies the error message to be sent to root.
Line Nineth Create specifies that the new log file is automatically created by Logrotate, and the new log file has the same permissions as the original file.
Line 11th #compress specify not to compress the dump file, if you need to compress, remove the comment.
3) Use the Include option to read additional configuration files
The Include option allows the system administrator to centralize dump information scattered across several files into a single primary profile. When Logrotate reads the Include option from logrotate.conf, the configuration information is read from the specified file as if they were already in the/etc/logrotate.conf.
Line 13th INCLUDE/ETC/LOGROTATE.D tells Logrotate to read the log dump parameters stored in the/ETC/LOGROTATE.D directory, which is useful when the RPM package is installed in the system. The log dump parameters for RPM packages are generally stored in the/ETC/LOGROTATE.D directory.
The Include option is important, and some applications store log dump parameters in/ETC/LOGROTATE.D.
Typical applications are: Apache, linuxconf, Samba, cron, and syslog.
This allows the system administrator to manage only one/etc/logrotate.conf file.
4) Overriding the default configuration with the Include option
When/etc/logrotate.conf reads a file, the dump parameter in the file specified by include overrides the default parameter, as in the following example:
In this example, when the/etc/logrotate.d/linuxconf file is read, the following parameter overrides the default parameter in/etc/logrotate.conf.
Notifempty
Errors Jim
5) Configure the dump parameters for the specified file
It is often necessary to configure parameters for the specified file, a common example is the monthly dump/var/log/wtmp. The format of the parameters used for a particular file is:
# Notes
/full/path/to/file
{
Option (s)
}
The following example is a monthly dump/var/log/wtmp once:
#Use logrotate to rotate Wtmp6) Other issues to be aware of
A. Although the opening of the curly braces can be placed on the same line as other text, the curly braces at the end must be taken separately.
B. Using the Prerotate and postrotate options
The following example is a typical script/etc/logrotate.d/syslog, which is only valid for/var/log/messages.
The first line specifies that the script is valid for/var/log messages
The prerotate command specifies the previous action to dump
/usr/bin/chattr-a Remove "Append only" attribute of/var/log/messages file
Endscript End
Postrotate Specify the action after the dump
/usr/bin/killall-hup syslogd is used to reinitialize the System log daemon syslogd
/usr/bin/chattr +a/var/log/messages re-assigns the "Append only" attribute to the/var/log/messages file, preventing the programmer or user from overwriting the file.
The final endscript is used to end the Postrotate section of the script
C. The operation of Logrotate is divided into three steps:
Judging the system's log files, creating a dump plan and parameters, running the following code through Cron daemon is the Red Hat Linux default crontab to run Logrotate every day.
D. Reasons why/var/log/messages cannot occur:
This is rare, but if you turn off the 514/UDP port in the/etc/services, the file cannot be created.
7) Cron
Cron is a daemon that can be used to schedule execution of repetitive tasks based on a combination of time, date, month, and week.
Cron assumes that the system is running continuously. If the system is not running when a task is scheduled, the task will not be executed.
To use the Cron service, you must have the Vixie-cron RPM package installed and you must be running the Crond service. To determine if the package is installed, use the Rpm-q vixie-cron command. To determine whether the service is running, use the/sbin/service crond status command.
A. Configuring a cron task
The main configuration file for Cron is/etc/crontab, which includes the following lines:
The first four rows are variables that you can use to configure the Cron task runtime environment. The value of the shell variable tells the system which shell environment to use (in this case, the bash shell), and the path variable defines the paths used to execute the command. The output of the cron task is mailed to the user name defined by the MAILTO variable. If the MAILTO variable is defined as a blank string (mailto= ""), the e-mail message is not sent. The home variable can be used to set the home directory to use when executing a command or script.
Each line in the/etc/crontab file represents a task, in the form of:
Minute hour day Month DayOfWeek command
minute-minutes, any integer from 0 to 59
hour-hours, any integer from 0 to 23
day-any integer from 1 to 31 (if a month is specified, it must be a valid date for that month)
Month-month, any integer from 1 to 12 (or use the English abbreviations of the month such as Jan, Feb, etc.)
Dayofweek-week, any integer from 0 to 7, where the 0 or 7 represents Sunday (or use the English abbreviations of the week such as Sun, Mon, etc.)
command-commands to execute (commands can be commands such as Ls/proc >>/tmp/proc, or commands to execute scripts you write yourself. )
In any of these values, an asterisk (*) can be used to represent all valid values. For example, an asterisk in a month value means that the command is executed monthly after other constraints have been met.
The short line between integers (-) specifies an integer range. For example, 1-4 means integers 1, 2, 3, 4.
Specify a list with a series of values separated by commas (,). For example, 3, 4, 6, 8 indicate these four specified integers.
A forward slash (/) can be used to specify the interval frequency. Adding/<integer> after a range means that integers can be skipped within the range. For example, 0-59/2 can be used to define every two minutes in the Minutes field. The interval frequency value can also be used with asterisks. For example, the value of */3 can be used in the month field to indicate that the task runs every three months.
The line starting with the pound sign (#) is a comment and will not be processed.
As you can see in the/etc/crontab file, it uses the Run-parts script to perform/etc/cron.hourly,/etc/cron.daily,/etc/cron.weekly, and/etc/cron.monthly Scripts in the directory that are executed hourly, daily, weekly, or monthly. The files in these directories should be shell scripts.
If a cron task needs to be executed according to the schedule instead of hourly, daily, weekly, or monthly execution, it can be added to the/ETC/CRON.D directory. All files in this directory use the same syntax as in/etc/crontab. For example, see the following example.
# Record the memory usage of the system every MondayUsers other than the root user can use the Crontab tool to configure cron tasks. All user-defined crontab are saved in the/var/spool/cron directory and executed using the user who created them. To create a crontab project as a user, log on as the user, and then type the CRONTAB-E command to edit the user's crontab using the editor specified by the VISUAL or editor environment variable. The file uses the same format as the/etc/crontab. When a change to crontab is saved, the crontab file is saved according to the user name and written to the file/var/spool/cron/username.
The cron daemon examines changes in/etc/crontab files, etc/cron.d/directories, and/var/spool/cron directories every minute. If a change is found, they will be loaded into memory. This way, you do not have to restart the daemon when a crontab file changes.
B. Controlling the use of cron
/etc/cron.allow and/etc/cron.deny files are used to limit the use of cron. The two formats used by the control file are one user per line. None of the two files allow spaces. If the control file is modified, the cron daemon (crond) does not have to be restarted. Using control files is read every time a user adds or deletes a cron task.
The root user can always use cron regardless of what is specified in the control file.
If the Cron.allow file exists, only the users listed in it are allowed to use cron, and the Cron.deny file is ignored.
If the Cron.allow file does not exist, all users listed in Cron.deny are prohibited from using cron.
C. Start and stop services
To start the Cron service, use the/sbin/service crond Start command. To stop the service, use the/sbin/service crond Stop command. It is recommended that you start the service at boot time.
Linux using Cron,logrotate management log files
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
