November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

Categories

November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

Log Rotation Apache

I have installed apache 2.2 on RHEL 5.7. It is working over ssl connection. I want to use rotatelog feature provided by apache.
My httpd.conf file for specifying logs location is as below :

ErrorLog “|/apps/apache/bin/rotatelogs /mnt/nfs4/logs/apache/error_log.%Y-%m-%d 10M”
<IfModule log_config_module>
LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” combined
LogFormat “%h %l %u %t \”%r\” %>s %b” common

<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\” %I %O” combinedio
</IfModule>

CustomLog “|/apps/apache/bin/rotatelogs /mnt/nfs4/logs/apache/access_log.%Y-%m-%d 50K” combine
</IfModule>

Configuration file for ssl is httpd-ssl.conf. It contains following entry for log :

ErrorLog “/mnt/nfs4/logs/apache/error_log”
TransferLog “/mnt/nfs4/logs/apache/access_log”
CustomLog “|/apps/apache/bin/rotatelogs /mnt/nfs4/logs/apache/ssl_request_log.%Y-%m-%d 5M” \
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”

ErrorLog   “|/usr/local/apache2.22/bin/rotatelogs /usr/local/apache2.22/logs/error_log.%Y-%m-%d 10M”

CustomLog “|/usr/local/apache2.22/bin/rotatelogs /usr/local/apache2.22/logs/access_log.%Y-%m-%d 50M” common

SSLLOGS

ErrorLog    “|/usr/local/apache2.22/bin/rotatelogs  /usr/local/apache2.22/logs/ssl_error_log.%Y-%m-%d 100M”
TransferLog “|/usr/local/apache2.22/bin/rotatelogs /usr/local/apache2.22/logs/ssl_access_log.%Y-%m-%d 100M”

CustomLog “| /usr/local/apache2.22/bin/rotatelogs /usr/local/apache2.22/logs/ssl_request_log.%Y-%m-%d 100M” \
          “%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”

 

 1) Install Cronolog.  You can download it here:
http://cronolog.org/download/index.html

The installation is pretty straightforward with the standard commands

Linux# ./configure
Linux# make
Linux# make install

2) Add these lines to your httpd.conf file (and don$B!G(Bt forget to comment out
the ErrorLog and CustomlLog lines that you$B!G(Bre replacing):

ErrorLog $B!H(B|/usr/local/sbin/cronolog -l /var/log/httpd/Ryans-error_log
/var/log/httpd/Ryans-error_log-%Y-%m-%d$B!I(B

CustomLog $B!H(B|/usr/local/sbin/cronolog -l /var/log/httpd/Ryans-access_log
/var/log/httpd/Ryans-access_log-%Y-%m-%d$B!I(B combined

3) Restart your httpd server.

Linux# /etc/init.d/httpd restart

almost exclusively use cronolog over logrotate. Logrotate comes with Debian,
and I allow it to keep working for the system services like the mail server
logs. But for apache and lighttpd log files, it’s all cronolog.

One of of the reasons why I use cronolog is that all the configuration
happens in the log-file line of the web server config

e.g. in a lighttpd config file, you could put :

accesslog.filename = “|/usr/bin/cronolog –symlink=”/var/log/webs/access.log
/var/log/webs/%Y/%W-access.log”

And all get a a new log file every week without any other configuration. Or
you could get creative and do something like :

accesslog.filename = “|/usr/bin/cronolog –symlink=”/var/log/webs/access.log
/var/l

is would work:

ErrorLog  “|/usr/bin/cronolog /path/to/logs/%Y-%m-%d/error.log”
CustomLog “|/usr/bin/cronolog /path/to/logs/%Y-%m-%d/access.log” combined

 

 

  How do I rotate log files under Linux operating system?

 

 

 

ou need use tool called logrotate, which is designed to ease administration of systems that generate large numbers of log files. It allows automatic rotation, compression, removal, and mailing of log files.

Each log file may be handled daily, weekly, monthly, or when it grows too large. With this tool you keep logs longer with less disk space.

Default configuration file

The default configuration file is /etc/logrotate.conf:
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# uncomment this if you want your log files compressed
#compress
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}
Service or server specific configurations stored in /etc/logrotate.d directory, for example here is sample apache logrotate configuration file:# cat /etc/logrotate.d/httpdOutput:

/var/log/httpd/*.log {
 weekly
 rotate 52
 compress
  missingok
  notifempty
  sharedscripts
  postrotate
      /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true    endscript
}

Where,

  • weekly : Log files are rotated if the current weekday is less then the weekday of the last rotation or if more then a week has passed since the last rotation.
  • rotate 52 : Log files are rotated 52 times before being removed or mailed to the address specified in a mail directive. If count is 0, old versions are removed rather then rotated.
  • compress : Old versions of log files are compressed with gzip to save disk space.
  • missingok : If the log file is missing, go on to the next one without issuing an error message.
  • notifempty : Do not rotate the log if it is empty
  • sharedscripts : Normally, prerotate and postrotate scripts are run for each log which is rotated, meaning that a single script may be run multiple times for log file entries which match multiple files. If sharedscript is specified, the scripts are only run once, no matter how many logs match the wildcarded pattern. However, if none of the logs in the pattern require rotating, the scripts will not be run at all.
  • postrotate
    /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true
    endscript : The lines between postrotate and endscript (both of which must appear on lines by themselves) are executed after the log file is rotated. These directives may only appear inside a log file definition.

 

 

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>