[root@Server~]# cat /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files monthly
weekly
# keep 6 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
dateext
# uncomment this if you want your log files compressed
compress
# rotate when the log reaches a set size or the appropriate time has passed
maxsize 500M
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}
[root@Server logrotate.d]# pwd
/etc/logrotate.d
[root@Server logrotate.d]# cat syslog
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
missingok
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
touch /var/log/cron
touch /var/log/maillog
touch /var/log/secure
touch /var/log/spooler
/usr/bin/setfacl -m g:splunk:r /var/log/cron
/usr/bin/setfacl -m g:splunk:r /var/log/maillog
/usr/bin/setfacl -m g:splunk:r /var/log/messages
/usr/bin/setfacl -m g:splunk:r /var/log/secure
/usr/bin/setfacl -m g:splunk:r /var/log/spooler
endscript
}
[root@Server logrotate.d]#
No comments:
Post a Comment