i'd like to have logrotate compress the logs that are older than 3 days. Is this possible with logrotate, or do i just schedule a cron job to bzip everything under the folder older than 3 days?
Is the logrotate.conf settings global/apply to what is in logrotate.d/? I have olddir /var/log/old_logs in logrotate.conf but logrotate is not placing old rsyslogs in /var/log/old_logs for logrotate.d/rsyslog
I'm working on changing some badly named files, lots of them. I have a little script I use to change uppercase to lowercase:
[Code]....
Bear in mind all these files have appropriate numbers in the front of each filename. I need help to change ONLY the first letter after each underscore to an uppercase letter. I'm sure this can be done but I've done so much searching in forums and with Google/linux until I'm scrambled.
We started hosting some very large content on our site, and the usage patterns in cacti have revealed that the HTTP sessions through our load-balancers drop off dramatically right at midnight.
The logrotate process runs right at midnight, and issues a reload command through the service tool (CentOS 5.5): Code: $ cat /etc/logrotate.d/httpd /data/websites/logs/*_log /var/log/httpd/*log { missingok daily dateext compress rotate 7 sharedscripts postrotate /sbin/service httpd reload > /dev/null 2>/dev/null || true endscript }
Looking at the init script reveals that the reload section is suppose to trigger a HUP of the httpd process: Code: reload() { echo -n $"Reloading $prog: " if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&/dev/null; then RETVAL=$? echo $"not reloading due to configuration syntax error" failure $"not reloading $httpd due to configuration syntax error" else killproc -p ${pidfile} $httpd -HUP RETVAL=$? fi echo }
In which, Apache should reload it's configuration and start the new logfile without breaking current sessions. However that clearly isn't what is going on. I'm tempted to edit the logrotate script to trigger a HUP directly by cat'ing the PID file directly. Is this normal behavior for Apache when signaled with a HUP?
My squid server works fine in fedora 11 system . Is there any web like interface for admins to create,change,modify users of squid and to view their logs.
Code: for x in *.mkv; do rename "$x" "${line_from_filenames.txt}.mkv"; done; ls -1 ~/kids/movies/*.mkv 00.20080903fckdlowp.mkv 01.20080911fckdl2fd.mkv 02.20080925fckdlgrs.mkv 03.20081026fckdlbh7.mkv 04.20081206fckdli90.mkv 05.20090214fckdmkni.mkv [Code]....
For some time now I've been unable to see changelogs for packages to be upgraded in Wheezy,even trying with different mirrors in sources.list all I'm getting is this:
Code: Select allaptitude changelog iceweasel Err Changelog of iceweasel E: Changelog download failed: 404 Not Found [IP: 185.31.16.185 80] Err Changelog of iceweasel E: Changelog download failed: 404 Not Found [IP: 185.31.16.185 80] E: Couldn't find a changelog for iceweasel
[Code] ....
Is there maybe some specific reasons why I can't get changelogs before applying the updates? I know I can review them afterwards,it's just that I would find convenient to have a look before updating.
I'm working on a thorny mod_rewrite problem. I have a mac connected to my LAN running MAMP (Mac/Apache/MySQL/PHP). I request a non-existent file:
Code: http://192.168.1.2:8888/careers/db/1.html I see this in the mod_rewrite log file:
Code: 192.168.1.102 - - [14/Nov/2009:13:46:07 --0800] [192.168.1.2/sid#807df8][rid#8ec850/initial] (2) init rewrite engine with requested uri /careers/db/1.html 192.168.1.102 - - [14/Nov/2009:13:46:07 --0800] [192.168.1.2/sid#807df8][rid#8ec850/initial] (1) pass through /careers/db/1.html Note that the requested uri is /careers/db/1.html
If I change just the file extension on my request to PHP like so:
Code: [URL]
Then the request uri is totally different now. Here's the rewrite log:
Code: 192.168.1.102 - - [14/Nov/2009:13:47:23 --0800] [192.168.1.2/sid#807df8][rid#8fc850/initial] (2) init rewrite engine with requested uri /Applications/MAMP/htdocs/careers/ 192.168.1.102 - - [14/Nov/2009:13:47:23 --0800] [192.168.1.2/sid#807df8][rid#8fc850/initial] (1) pass through /Applications/MAMP/htdocs/careers/ Note that the requested uri now has a full path which does not include the actual filename, /Applications/MAMP/htdocs/careers/
What the heck? More info. If I request [URL], I can actually access p1.php. The requested uri is /careers/db/p1.php. The problem appears to be because the filename starts with a number. I can also request [URL] and get thru to 1.php with requested uri /careers/db//1.php. Does mod_rewrite think /1 refers to a backreference or something? Why can apache handle the html file request properly and not the php file request?
I would like to monitor a RedHat via snmp. I would like to make available data via snmp. The data that I would like to graph are only present in logs file. Is it possible to parse data from applicative logs and have them available for my cacti server via snmp? I already monitor CPU, mem, and others with cacti using the standard MIB.What would be the logical step I would need to achieve that?
I Have RHEL4 running on IBM X3550 server, we request IBM support regarding issues with this server, they will request for IBM DSA logs. The logs are quite extensive and cover almost all server config & can identify hardware issues with drivers...etc. I want to know if there is a way to analysis those logs offline without sending them to IBM support?
I need to logrotate logs in directories in /var/log/httpd/.
There are 4 directories in /var/log/httpd/... these directories are /var/log/httpd/access/ /var/log/httpd/debug/ /var/log/httpd/error/ /var/log/httpd/required/
Each of the access, required, error and debug directories have around 20 to 30 access log files of different locations for example:mumbai-access.log, pune-access.log etc..same is the case for 'error' dir 'required' dir and 'debug' dir in /var/log/httpd/
I need to clean up the logfiles in all the 4 directories access, error, debug and required...
I have made a custom logrotate file as follows:
Is the above config correct?
Am I missing something? Will this logrotate the files in /var/log/httpd/access, /var/log/httpd/error, /var/log/httpd/required and /var/log/httpd/error ?
Do i need to include following line in postrotate " /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true" ?
Recently I noticed that on my Centos 5.4 system, yum no longer works and is giving segmentation faults. I can run "yum --help" and it works, but if I try to run something like "yum upgrade php" it will fault. I also noticed that other things are seg faulting as well, like /usr/sbin/logrotate and /usr/bin/certwatch.
I am guessing there is some sort of common library that needs fixing, but I have no idea what. I've read other posts about the yum segmentation fault and have tried various steps provided but so far no luck in getting it to work again. It used to work, and I rarely change this system so I'm not sure what could have caused it.
I have CentOS 5. From sometime logrotate is not working and maillog for example is very big. It is the same for all logfiles. I run "logrotate -d -f /etc/logrotate.conf" but nothing happened. Cron seams to work as I see it with ps -ef |grep cron
I was wondering how could I specify for how long the logs will be kept. Rsyslog doesn't have such an option (at least I didn't find it).Do I have to use logrotate for this, or is there some other option?
how to check maillogs for previous days. wht is command to check log for yesturday in sendmail8.14 .fedora os i know /var/log/maillog.this gives o/p for today but wht abut yesturday.?
Iam looking security specific event ID on Linux .hear are thousnds of event ID in Microsoft Windows/XP and VISTA etc. Similar way looking for Linux,unix ,Solaries,AIX etc event ID. I would to correlate and implement with Arcsight.
We are forwarding logs (perl script executed logs) to one Red Hat Linux box. We have to get 97 logs for each time the script runs. But we see inconsistent number of logs coming to Linux box. Like one time we got 56, other time 3 , other time 43.. like this.. We are sure that 97 logs are being forwarded. Checked the Rsyslog.config filer any filters and couldn't see any filter dropping them. When we run the tcpdump, we can see 97 connections, but logs are not there in specified location.
whenever the log file (test.log) exceeds 100M a new file will be created with the file name as test.'date'.'gz'(new file is created with a current date and in a compressed format of gz) and also with permission mentioned above). I really dont know what is the role of rotate( will this be carried on only for next 4times i mean upto 400MB; (4times*file reaches 100MB)? and also what could be the purpose of postrotate?
I am installing RHEL 5.5 to be a syslog server to collects logs from servers (HP-UX, Linux, Windows and Cisco Network Devices). and i can now collect logs from my windows PC on syslog linux server by using Datagram SyslogAgent software. can collect logs from HP-UX 11.23 server. and i configuring the Unix server as in the steps below:
1. Log in as root
2. Go to /etc/syslog.conf
3. Add a line: *.*<tab>@<Sentinel Server IP Address>