sysklogd is required to be configured and running on all Gentoo Infrastructure servers. Below are sample configuration settings for sysklogd:
Code Listing 1.1: /etc/syslog.conf |
# /etc/syslog.conf Configuration file for syslogd. # # First some standard logfiles. Log by facility. # auth,authpriv.* /var/log/auth.log *.*;auth,authpriv.none -/var/log/syslog cron.* /var/log/cron.log daemon.* -/var/log/daemon.log local6.* /var/log/rsync.log local4.* /var/log/ldap.log local3.* /var/log/xinetd.log (Make sure that services such as rsyncd, xinetd and others are configured to use the localN log specified) # # Logging for the mail system. Split it up so that # it is easy to write scripts to parse these files. # mail.info -/var/log/mail.info mail.warn -/var/log/mail.warn mail.err /var/log/mail.err (This section should be commented out for Gentoo mail servers since qmail and exim provide their own logging facilities.) |
2. Configuring and running logrotate
We use logrotate to facilitate log rotations.
Code Listing 2.1: /etc/logrotate.conf |
# sample logrotate configuration file
/var/log/apache/*.httpd {
rotate 30
daily
postrotate
/etc/init.d/apache restart
endscript
}
(The section above should be ommitted if the server is not running apache)
/var/log/*.log {
rotate 14
daily
postrotate
/bin/kill -HUP `pidof syslogd`
endscript
}
|
Code Listing 2.2: logrotate.cron script for /etc/cron.daily |
#! /bin/sh /usr/sbin/logrotate /etc/logrotate.conf |
In general, log files should be kept around a minimum of 2 weeks, longer if disk space allows for it.