logrotate 1) is an application running as a linux service that allows:
Each log file may be handled daily, weekly, monthly, or when it grows too large.
All configuration file via the main configuration
logrotate /etc/logrotate.conf
A specific configuration file
logrotate /etc/logrotate.d/nginx
logrotate reads everything about the log files it should be handling from the series of configuration files.
Sample logrotate configuration file:
# global options
# logs are compressed after they are rotated.
compress
"/var/log/httpd/access.log" /var/log/httpd/error.log {
rotate 5
mail [email protected]
size 100k
# could be weekly or monthly
sharedscripts
postrotate
/usr/bin/killall -HUP httpd
endscript
}
where:
See logrotate for more syntax element
On a line basis where the first character is a #
Default state file.
/etc/logrotate.conf
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
dateext
# uncomment this if you want your log files compressed
#compress
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}
if errors occur for more than one file, the log files are not compressed.
Usage: logrotate [OPTION...] <configfile>
-d, --debug Don't do anything, just test (implies -v)
-f, --force Force file rotation
-m, --mail=command Command to send mail (instead of `/bin/mail')
-s, --state=statefile Path of state file
-v, --verbose Display messages during rotation
-l, --log=STRING Log file
--version Display version information
Help options:
-?, --help Show this help message
--usage Display brief usage message
with the following Ansible template task
- name: Create logrotate entry for /var/log/myapp.log
template: src=templates/logrotate_myapp.j2 dest=/etc/logrotate.d/myapp owner=root group=root mode=0644
/var/log/myapp.log {
rotate 7
daily
compress
missingok
notifempty
}
When using logrotate, you may get this kind of error:
error: skipping "/var/log/*.log" because parent directory has insecure permissions
(It's world writable or writable by group which is not "root")
Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
To resolve this error, you have 2 solutions:
Example for nginx, if you create a nginx user and nginx group
/var/log/nginx/*.log {
su nginx nginx
create 0640 nginx nginx
....
}