almalinux os
To configure logrotate in AlmaLinux, you can follow these steps to ensure your system logs are properly managed and rotated. Logrotate is a system utility that manages the automatic rotation and compression of log files. If logrotate isn’t already installed, you can install it using the package manager, and then configure it by creating or editing configuration files.
Step 1: Install Logrotate
First, make sure logrotate is installed on your system. You can install it using the dnf package manager:
sudo dnf install logrotate
Step 2: Create or Edit a Logrotate Configuration File
Logrotate configurations are usually stored in /etc/logrotate.conf for global settings, and additional custom settings can be placed in /etc/logrotate.d/.
- Edit the main configuration file: Open /etc/logrotate.conf in a text editor:
sudo nano /etc/logrotate.conf
This file contains global settings and defaults.
- Create a custom logrotate file: It’s a common practice to create individual configuration files for different applications under /etc/logrotate.d/. For example, to create a logrotate configuration for your custom application logs:
sudo nano /etc/logrotate.d/myapp
Add configuration options like:
/var/log/myapp/*.log {
    daily
    rotate 14
    compress
    delaycompress
    missingok
    notifempty
    create 0640 root adm
    sharedscripts
    postrotate
        /usr/bin/systemctl reload myapp.service > /dev/null
    endscript
}
- Here’s what each directive means:
- daily: Rotate the logs daily.
- rotate 14: Keep 14 copies of the log files.
- compress: Compress (gzip) the log files.
- delaycompress: Postpone compression of the most recently rotated log file until the next rotation cycle, so the newest rotated log stays uncompressed.
- missingok: Do not output an error if the log file is missing.
- notifempty: Do not rotate the log if it is empty.
- create 0640 root adm: Create new log files with set permissions/owner/group.
- sharedscripts: Run the scripts at the end only once, not for each log file which is rotated.
- postrotate/endscript: Commands between these two keywords are executed after the log file is rotated.
Step 3: Test Your Configuration
To test your logrotate configuration:
sudo logrotate --debug /etc/logrotate.conf
This command will show you what logrotate will do, but it won’t actually rotate the logs. It's useful for making sure your configurations are set up correctly.
Manually Run Logrotate
sudo logrotate -vf /etc/logrotate.conf
-v (verbose) will give you detailed output.
-f (force) will force the rotation.
Step 4: Automate Logrotate
Logrotate is typically automated as a daily cron job. Check the /etc/cron.daily/logrotate script to ensure it’s being run automatically by cron.
The logrotate process typically runs automatically on most Linux distributions, including AlmaLinux, as it is usually set up as a daily cron job during installation. However, if you need to ensure it is set up and running, or if you want to customize its schedule, here’s a step-by-step guide on how to automate logrotate.
Verify Logrotate Installation
First, make sure logrotate is installed and check if the cron job is already in place:
rpm -q logrotate
ls -l /etc/cron.daily/logrotate
How to see all the log files that are being rotated, with their schedule
cat /etc/logrotate.conf
cat /etc/logrotate.d/<file>
grep -E "^\s*[^\s#]" /etc/logrotate.conf
grep -E "^\s*[^\s#]" /etc/logrotate.d/*
This will list all non-commented lines, which typically include the log file paths and rotation settings.
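The grep output still leaves you to work out which frequency and retention apply to each path. The following is an added example, not part of the original post, that resolves each rotated path to its effective frequency and rotate count, including values inherited from the global settings. The function name list_rotations is hypothetical.

```bash
#!/bin/bash
# Added example (not from the original post).
# Prints "<path> <frequency> <rotate count>" for every log path declared in
# the given logrotate config files. Pass /etc/logrotate.conf first so its
# global defaults are inherited by blocks that do not set their own.
# Simplifications: "include" is not followed (pass the drop-in files as
# arguments), and the path list must sit on the line that ends with "{".
list_rotations() {
    awk '
    BEGIN { gfreq = "-"; gkeep = "-" }              # "-" means not set anywhere
    inscript { if ($1 == "endscript") inscript = 0; next }   # skip script bodies
    NF == 0 || $1 ~ /^#/ { next }                   # blank lines and comments
    $1 ~ /^(prerotate|postrotate|firstaction|lastaction|preremove)$/ { inscript = 1; next }
    /[{][ \t]*$/ {                                   # "path [path ...] {" opens a block
        sub(/[ \t]*[{][ \t]*$/, "")
        paths = $0; inblk = 1; freq = gfreq; keep = gkeep; next
    }
    $1 ~ /^(hourly|daily|weekly|monthly|yearly)$/ {
        if (inblk) freq = $1; else gfreq = $1; next
    }
    $1 == "rotate" { if (inblk) keep = $2; else gkeep = $2; next }
    inblk && $1 == "}" {
        n = split(paths, p, " ")
        for (i = 1; i <= n; i++) print p[i], freq, keep
        inblk = 0
    }
    ' "$@"
}
```

Typical call: list_rotations /etc/logrotate.conf /etc/logrotate.d/*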
Understand the Default Automation
By default, logrotate is run by a script in /etc/cron.daily/. This directory contains scripts that are run daily by cron. The logrotate script in this directory typically looks something like this:
$ vi /etc/cron.daily/logrotate
#!/bin/sh
/usr/sbin/logrotate /etc/logrotate.conf
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
/usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit 0
Ensure the Cron Daemon is Running
sudo systemctl status crond.service
sudo systemctl restart crond.service
sudo systemctl enable crond.service
Check Logrotate Status and Logs
sudo grep logrotate /var/log/syslog
sudo grep logrotate /var/log/messages
cat /var/lib/logrotate/status
or
cat /var/lib/logrotate/logrotate.status
Check for Errors or Misconfigurations
Sometimes logrotate may not work due to errors in the configuration files. Validate the syntax:
Test logrotate configuration:
sudo logrotate --debug /etc/logrotate.conf
This command will perform a dry run and print out what logrotate would do without actually rotating the logs.
Customize the Automation (Optional)
If you want logrotate to run more frequently than once a day, you can create a custom cron job:
Open the cron table for editing:
sudo crontab -e
Add a new line for your custom schedule. For example, to run logrotate every 12 hours, you could add:
0 */12 * * * /usr/sbin/logrotate /etc/logrotate.conf
This cron job runs at minute 0 every 12th hour of every day.
Save and exit the editor.
Permission Error
[root@ip-172-31-14-247 logrotate.d]# sudo grep logrotate /var/log/messages
Jun 11 00:00:01 ip-172-31-14-247 logrotate[4063447]: error: failed to open config file usertracker: Permission denied
Jun 11 00:00:01 ip-172-31-14-247 logrotate[4063447]: error: found error in file usertracker, skipping
Jun 11 00:00:01 ip-172-31-14-247 systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Jun 11 00:00:01 ip-172-31-14-247 systemd[1]: logrotate.service: Failed with result 'exit-code'.
Jun 9 00:00:00 ip-172-31-14-247 logrotate[3950100]: error: failed to open config file usertracker: Permission denied
Jun 9 00:00:00 ip-172-31-14-247 logrotate[3950100]: error: found error in file usertracker, skipping
Jun 9 00:00:00 ip-172-31-14-247 systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Jun 9 00:00:00 ip-172-31-14-247 systemd[1]: logrotate.service: Failed with result 'exit-code'.
Jun 10 00:00:00 ip-172-31-14-247 logrotate[4007463]: error: failed to open config file usertracker: Permission denied
Jun 10 00:00:00 ip-172-31-14-247 logrotate[4007463]: error: found error in file usertracker, skipping
Jun 10 00:00:00 ip-172-31-14-247 systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Jun 10 00:00:00 ip-172-31-14-247 systemd[1]: logrotate.service: Failed with result 'exit-code'.
Jun 11 00:00:01 ip-172-31-14-247 logrotate[4063447]: error: failed to open config file usertracker: Permission denied
Jun 11 00:00:01 ip-172-31-14-247 logrotate[4063447]: error: found error in file usertracker, skipping
Jun 11 00:00:01 ip-172-31-14-247 systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE
Jun 11 00:00:01 ip-172-31-14-247 systemd[1]: logrotate.service: Failed with result 'exit-code'.
Ensure that the log files and their directories have the correct permissions for logrotate to read and write.
Troubleshooting steps to ensure logrotate is functioning correctly
Step 1: Check Permissions
Ensure that the usertracker configuration file has the correct permissions, and logrotate can access it.
sudo chmod 644 /etc/logrotate.d/usertracker
sudo chown root:root /etc/logrotate.d/usertracker
Step 2: Manually Trigger Log Rotation
You can manually trigger the logrotate to see if it works as expected:
sudo logrotate -f /etc/logrotate.conf
The -f flag forces the rotation, even if it would not normally rotate.
Step 3: Verify Crontab for Logrotate
Ensure that logrotate is scheduled to run automatically. Check the crontab:
sudo crontab -l | grep logrotate
You should see an entry similar to:
0 0 * * * /usr/sbin/logrotate /etc/logrotate.conf
This entry schedules logrotate to run every day at midnight.
Step 4: Check System Logs
After ensuring permissions and running the manual logrotate, check the system logs again to verify there are no errors:
sudo grep logrotate /var/log/messages
Step 5: Validate Configuration Files
Ensure all logrotate configuration files are correctly set up and valid:
sudo logrotate --debug /etc/logrotate.conf
This command will show any potential issues with the logrotate configuration files.
Step 6: Confirm Service Status
Make sure the logrotate service is active and running without issues:
sudo systemctl status logrotate
If it’s not running, start or restart the service:
sudo systemctl start logrotate
or
sudo systemctl restart logrotate
Step 7: Review logrotate Status and Output
After confirming the service status and manual rotation, ensure no further errors are present in the logs.
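The log check and the permission check from the steps above can be scripted so that every drop-in file is covered, not only usertracker. This is an added example, not part of the original post: it extracts the failing config names from log lines in the format shown earlier and audits a drop-in directory for the owner and mode that Step 1 sets. The function names, the uid parameter and the sample log are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original post).

# Read syslog-style lines on stdin and print the unique names of config
# files that logrotate reported it could not open.
failed_configs() {
    sed -n 's/.*logrotate\[[0-9]*]: error: failed to open config file \([^:]*\): .*/\1/p' | sort -u
}

# Check every regular file in a drop-in directory for the ownership and mode
# that Step 1 sets (root-owned, 644). A read-only 444 file is also accepted.
#   $1 directory (default /etc/logrotate.d)
#   $2 expected owner uid (default 0; a parameter only so the check can be
#      tried on a scratch directory without root)
# Prints one line per problem; returns 1 if any problem was found.
audit_dropins() {
    dir=${1:-/etc/logrotate.d}
    want_uid=${2:-0}
    bad=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        mode=$(stat -c %a "$f")
        uid=$(stat -c %u "$f")
        case $mode in
            644|444) ;;
            *) echo "$f: mode $mode (expected 644 or 444)"; bad=1 ;;
        esac
        if [ "$uid" != "$want_uid" ]; then
            echo "$f: owner uid $uid (expected $want_uid)"; bad=1
        fi
    done
    return "$bad"
}

# Constructed sample in the same format as the log lines shown above.
SAMPLE_LOG='Jun 11 00:00:01 host logrotate[4063447]: error: failed to open config file usertracker: Permission denied
Jun 11 00:00:01 host logrotate[4063447]: error: found error in file usertracker, skipping
Jun 10 00:00:00 host logrotate[4007463]: error: failed to open config file usertracker: Permission denied'

printf '%s\n' "$SAMPLE_LOG" | failed_configs
```

On a real host, pipe sudo grep logrotate /var/log/messages into failed_configs, then run audit_dropins with no arguments as root.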