1. Lets take a example.
To start the logging in DNS using Local Service,
We have to create a channel like query channel that sends the logs to
local0 system service & we have put these logging statements in named.conf file.
logging {
channel queries_channel {
syslog local0;
severity dynamic;
print-time yes;
print-severity yes;
};
category queries { queries_channel; };
};
2. Now, we edit rsyslog.conf file where local0 service listen all the query logs
sends by DNS & save locally on the file.
/var/log/query.log
For this, the statements in /etc/rsyslog.conf are as follows:
local0.* /var/log/query.log
Then restart the rsyslog service as
# service rsyslog restart
3. Now, we rotate this log file using logrotate utility.
Our requirements for log rotation are as follows:
a. We need to rotate the log on Daily basis.
b. We need the Max File Size is of 100 MB only & thereafter again create the
new 100 MB file with next set of logs.
c. While rotating the logs on daily basis, copy the present date logs to another file & start the main log file (/var/log/query.log) with zero data.
d. Rotate the Logs for 30 days.
e. Take the Backup of Logs in the Directory like /var/log/rsyslog/
f. If the file size exceed more than 100M then the next file is start with
.1 & therefore .2, .3, .4 in this way.
g. Save the 30 days log files as compressed files.
So, to achieve this, we use logrotate utility.
So, move to /etc/logrotate.d/ folder.
# cd /etc/logrotate.d/
Create a new file as rsyslog
# vi rsyslog
& Put the below code in this file to achieve our log rotation requirements.
/var/log/queries222.log {
daily
maxsize=100M
copytruncate
rotate 30
olddir /var/log/rsyslog
start 1
missingok
compress
}
To make the Log Rotation effective at this moment, run the command as:
# logrotate -f /etc/logrotate.conf
which start the rotation for this time.
4. The Logrotate is work combination-ally with cron or anacron to make it
automatically on daily or weekly or monthly basis.
So, to achieve this we need to modify the /etc/anacrontab file.
Open the file & do the following changes on it.
# /etc/anacrontab
# See anacron(8) and anacrontab(5) for details.
SHELL=/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
# The maximal random delay added to the base delay of the jobs
RANDOM_DELAY=0
# The jobs will be started during the following hours only
START_HOURS_RANGE=1-23
# Period in days delay in minutes job-identifier command
1 0 cron.daily nice run-parts /etc/cron.daily
7 25 cron.weekly nice run-parts /etc/cron.weekly
@monthly 45 cron.monthly nice run-parts /etc/cron.monthly
At last restart the crond service as:
# service crond restart
# chkconfig crond on
The Procedure for Log rotation is completed.
Thanks
Saurabh Srivastava
No comments:
Post a Comment