Logrotate for a Web Server: overview and examples

It’s always important to keep your server logs around for as long as it makes business sense. These may be required for auditing system access, discovering abuses, or identifying the root causes of problems, among other reasons.

The challenge, though, is that depending on the service being provided and the amount of traffic received, your logs are capable of growing to gargantuan sizes, consuming every last bit of disk space available.

Logrotate allows us to better manage our logs and prevent them from consuming too much disk space.

Installation

Logrotate is installed by default on most recent distributions, so there is nothing to be done other than using it.

Create a Log Rotate Configuration

Logrotate configuration files are stored under /etc/logrotate.d. The examples on this page use /etc/logrotate.d/mysite.conf, with the following content:

    /var/www/mysite/log/*.log {
        su www-data www-data
        daily
        missingok
        rotate 8
        compress
        notifempty
        create 0640 www-data www-data
        sharedscripts
        postrotate
            sudo service apache2 reload
        endscript
    }

Test Your Configuration

As with anything, before you roll your configuration into production you will want to test it to ensure everything works.

Logrotate includes a feature that allows us to run a configuration, in debug mode, without it doing any work. If there are errors discovered in the syntax or some other issues, you will be notified.

    sudo logrotate -d /etc/logrotate.d/mysite.conf

Depending on how long your web server has run, the output may vary. Below is an example for a new web server instance.

    empty log files are not rotated, old logs are removed
    considering log /var/www/mysite/log/access_log
      log does not need rotating
    considering log /var/www/mysite/log/error_log
      log does not need rotating
    not running postrotate script, since no logs were rotated

None of the logs were rotated since I ran the test on a server that was newly built. However, if the logs had more content and were aged a little more, we would see a message indicating our logs were rotated. For now, we can take this as confirmation that our configuration file syntax is correct.

Run your configuration

Whether you are ready to run it for the first time or want to execute it as a one-off, you can run your configuration file with the following command.

    sudo logrotate --force /etc/logrotate.d/mysite.conf

Hey, I’m getting an error. What am I doing wrong?

Before you start panicking, do consider the following most common mistakes:

  1. Ensure no clashing instructions exist in your configuration file. For instance, setting both size and daily at the same time will make the script fail.
  2. Ensure the file /etc/logrotate.d/mysite.conf is owned by the root user. To do so, use sudo chown root:root /etc/logrotate.d/mysite.conf.
  3. Ensure the file /etc/logrotate.d/mysite.conf has at least 644 permissions. Again, you can change this with sudo chmod 644 /etc/logrotate.d/mysite.conf.
  4. If you save your log files in the web server folder (as I do, so I can reach them over SSH later), ensure the files are managed with the user permissions of the destination folder. For example, my log files are owned by www-data:www-data, so I add su www-data www-data to /etc/logrotate.d/mysite.conf.
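
The four checks above can be run as a pre-flight script before calling logrotate. This is an added example, not part of the original article; the function names and the script name audit.sh are hypothetical, and GNU coreutils stat is assumed.

```sh
#!/bin/sh
# Added example (not from the original page): pre-flight checks for a
# logrotate drop-in, one function per troubleshooting item.
# Assumes GNU coreutils stat(1); all function names are hypothetical.

# Item 1: flag "size" and "daily" set together. Simplification: the whole
# file is scanned, not each stanza separately.
conf_no_clash() {
    ! { grep -Eq '^[[:space:]]*size([[:space:]]|=)' "$1" &&
        grep -Eq '^[[:space:]]*daily([[:space:]]|$)' "$1"; }
}

# Item 2: the config must be owned by root (uid 0).
conf_owned_by_root() {
    [ "$(stat -c '%u' "$1")" = "0" ]
}

# Item 3: 644 is fine; a group- or other-writable config is not, since
# logrotate normally runs as root and acts on whatever the file says.
conf_mode_ok() {
    case "$(stat -c '%a' "$1")" in
        *[2367]?|*[2367]) return 1 ;;   # write bit set for group or others
        *) return 0 ;;
    esac
}

# Item 4: the "su user group" directive must name the owner of the log dir.
conf_su_matches() (
    want=$(stat -c '%U %G' "$2")
    have=$(awk '$1 == "su" { print $2, $3; exit }' "$1")
    [ "$have" = "$want" ]
)

# Run every check, report each failure, succeed only if all pass.
audit_logrotate_conf() (
    rc=0
    conf_no_clash "$1"        || { echo "FAIL: size and daily both set"; rc=1; }
    conf_owned_by_root "$1"   || { echo "FAIL: $1 not owned by root"; rc=1; }
    conf_mode_ok "$1"         || { echo "FAIL: $1 writable by group/others"; rc=1; }
    conf_su_matches "$1" "$2" || { echo "FAIL: su does not match owner of $2"; rc=1; }
    [ "$rc" -eq 0 ]
)

# Usage: sh audit.sh /etc/logrotate.d/mysite.conf /var/www/mysite/log
if [ "$#" -eq 2 ]; then
    audit_logrotate_conf "$1" "$2"
fi
```

A non-zero exit status means at least one check failed; each failure is printed on its own line.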