Sysadmin Disable log rotate?

arlon · Jan 27, 2018

this is regarding my previous thread about log PHP-FPM - php error not written on php error log file

is it possible to disable log rotate? because php, php-fpm, nginx, mysql use daily log rotate
log will be compressed to a gz file, so i must un gz file to check log

can i change log rotate to monthly or yearly or make it on one file only? so i can check my log fates.. because my website is small and its not much log created,

Please fill in any relevant information that applies to you:

CentOS Version: CentOS 6 64bit

Centmin Mod Version Installed: 123.09beta01

Nginx Version Installed: 1.12.2

PHP Version Installed: 5.6.33

MariaDB MySQL Version Installed: 10.1.21

When was last time updated Centmin Mod code base ? : today

Persistent Config: Do you have any persistent config file options set in /etc/centminmod/custom_config.inc ? no

cat /etc/centminmod/custom_config.inc

Post output in CODE tags.

eva2000 · Jan 27, 2018

not advisable to disable log rotation as log size can get out of control. Standard method is not to unzip/uncompress logs but to use the appropriate commands like zcat/zgrep, xzcat/xzgrep and bzcat/bzgrep to manipulate and view compressed logs for .gz, .xz and .bz2 compressed files respectively

Code (Text):

rpm -ql gzip xz bzip2 | egrep 'bin\/z[cat,grep]|bin\/xz[cat,grep]|bin\/bz[cat,grep]'
/usr/bin/zcat
/usr/bin/zcmp
/usr/bin/zegrep
/usr/bin/zgrep
/usr/bin/xzcat
/usr/bin/xzcmp
/usr/bin/xzegrep
/usr/bin/xzgrep
/usr/bin/bzcat
/usr/bin/bzcmp
/usr/bin/bzgrep

so instead of

Code (Text):

cat /path/to/logname.log
grep 'keyword' /path/to/logname.log

for gzip compressed and rotated logs i.e. logname.log.gz would be

Code (Text):

zcat /path/to/logname.log.gz
zgrep 'keyword' /path/to/logname.log.gz

example tail the last 5 lines of compressed csf firewall lfd log

Code (Text):

zcat /var/log/lfd.log-20180122.gz | tail -5 | sed -e "s|$(hostname -s)|hostname|g"
Jan 22 00:45:03 hostname lfd[30008]: IPSET: switching set new_BDESTRONGIPS to bl_BDESTRONGIPS
Jan 22 00:45:03 hostname lfd[30008]: IPSET: loading set new_6_BDESTRONGIPS with 0 entries
Jan 22 00:45:03 hostname lfd[30008]: IPSET: switching set new_6_BDESTRONGIPS to bl_6_BDESTRONGIPS
Jan 22 02:10:24 hostname lfd[14455]: (sshd) Failed SSH login from 54.37.42.23 (FR/France/ip23.ip-54-37-42.eu): 5 in the last 3600 secs - *Blocked in csf* [LF_SSHD]
Jan 22 02:41:27 hostname lfd[20299]: (sshd) Failed SSH login from 111.231.239.220 (CN/China/-): 5 in the last 3600 secs - *Blocked in csf* [LF_SSHD]

or zgrep filter for SSH failed logins in csf firewall lfd compressed log

Code (Text):

zgrep 'Failed SSH login' /var/log/lfd.log-20180122.gz | tail -5 | sed -e "s|$(hostname -s)|hostname|g"   
Jan 21 22:00:56 hostname lfd[23639]: (sshd) Failed SSH login from 95.128.45.223 (GB/United Kingdom/95-128-45-223.aquaray.com): 5 in the last 3600 secs - *Blocked in csf* [LF_SSHD]
Jan 21 22:23:36 hostname lfd[27895]: (sshd) Failed SSH login from 27.72.61.42 (VN/Vietnam/-): 5 in the last 3600 secs - *Blocked in csf* [LF_SSHD]
Jan 21 23:15:56 hostname lfd[9140]: (sshd) Failed SSH login from 91.121.89.222 (FR/France/ovh.perriot.fr): 5 in the last 3600 secs - *Blocked in csf* [LF_SSHD]
Jan 22 02:10:24 hostname lfd[14455]: (sshd) Failed SSH login from 54.37.42.23 (FR/France/ip23.ip-54-37-42.eu): 5 in the last 3600 secs - *Blocked in csf* [LF_SSHD]
Jan 22 02:41:27 hostname lfd[20299]: (sshd) Failed SSH login from 111.231.239.220 (CN/China/-): 5 in the last 3600 secs - *Blocked in csf* [LF_SSHD]

Log in / Register

Forums

Join the community today

Sysadmin Disable log rotate?

arlon Member

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Join the community today

Sysadmin Disable log rotate?

arlon Member

eva2000 Administrator Staff Member

.