Logging Configuration Guide for Gentoo Infrastructure Servers
1.
Configuring sysklogd
sysklogd is required to be configured and running on all Gentoo Infrastructure servers. Below are sample configuration settings for sysklogd:
Code Listing 1.1: /etc/syslog.conf |
# /etc/syslog.conf Configuration file for syslogd.
#
# First some standard logfiles. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
local6.* /var/log/rsync.log
local4.* /var/log/ldap.log
local3.* /var/log/xinetd.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
|
2.
Configuring and running logrotate
We use logrotate to facilitate log rotations.
Code Listing 2.1: /etc/logrotate.conf |
# sample logrotate configuration file
/var/log/apache/*.httpd {
rotate 30
daily
postrotate
/etc/init.d/apache restart
endscript
}
/var/log/*.log {
rotate 14
daily
postrotate
/bin/kill -HUP `pidof syslogd`
endscript
}
|
Code Listing 2.2: logrotate.cron script for /etc/cron.daily |
#! /bin/sh
/usr/sbin/logrotate /etc/logrotate.conf
|
In general, log files should be kept around a minimum of 2 weeks, longer if disk space allows for it.
|
