Control Web Panel

WebPanel => CentOS 7 Problems => Topic started by: vbpal on July 06, 2019, 01:16:44 PM

Title: Logrotate for access_log and modsec_audit.log
Post by: vbpal on July 06, 2019, 01:16:44 PM
Hi all,

I've encountered an interesting problem. I'm using the latest CWPro on CentOs 7 64bit. My logrotate for apache logs are configured as: 

/usr/local/apache/domlogs/*.log /usr/local/apache/logs/*log{
        daily
        missingok
        rotate 15
        compress
        delaycompress
        notifempty
        sharedscripts
        dateext
        postrotate
                service httpd restart > /dev/null
        endscript
}

I've noticed that everything within the directory /usr/local/apache/domlogs/*.log has been properly rotated, however

The files:

-rw-r--r--. 1 root   root    12072873 Jul  6 06:20 error_log
-rw-r-----  1 root   root   135950722 Jul  6 08:33 modsec_audit.log
-rw-r--r--. 1 root   root    17917588 Jul  6 08:45 access_log

Have not been rotated. I did a test run using logrotate -d -f and it shows it would have rotated AND logrotate status shows:

"/usr/local/apache/logs/modsec_audit.log" 2019-7-6-8:10:21 so in theory this is all correct. I also checked permissions which seem appropriate.

Any ideas on why this is happening only for the logs in /usr/local/apache/logs?
Title: Re: Logrotate for access_log and modsec_audit.log
Post by: Igor S. on July 13, 2019, 04:41:38 PM
Try to add as the one config and check.

 /usr/local/apache/logs/*log{
        daily
        missingok
        rotate 15
        compress
        delaycompress
        notifempty
        sharedscripts
        dateext
        postrotate
                service httpd restart > /dev/null
        endscript
}
Title: Re: Logrotate for access_log and modsec_audit.log
Post by: ring_c on September 25, 2019, 08:29:42 AM
Thank you for the below, but I have one correction and one question:


Correction:
This
Code: [Select]
/usr/local/apache/logs/*log{ should be this
Code: [Select]
/usr/local/apache/logs/*log {(space before the { sign).

Question:
Why isn't it pre-configured in CWP? I've found my access_log is already 2GB of size!

TIA.



Try to add as the one config and check.

 /usr/local/apache/logs/*log{
        daily
        missingok
        rotate 15
        compress
        delaycompress
        notifempty
        sharedscripts
        dateext
        postrotate
                service httpd restart > /dev/null
        endscript
}
Title: Re: Logrotate for access_log and modsec_audit.log
Post by: pixelpadre on September 30, 2019, 01:41:41 PM
Yes I would like to know why the access log file is not rotated also.
Title: Re: Logrotate for access_log and modsec_audit.log
Post by: ring_c on May 22, 2020, 07:14:25 AM
Can we please get an answer?
Title: Re: Logrotate for access_log and modsec_audit.log
Post by: Chenrygreat on June 27, 2023, 04:35:49 PM
Use this and you will be fine. There should be "." before the log in apache/logs

/usr/local/apache/domlogs/*.log /usr/local/apache/logs/*.log{
        daily
        missingok
        rotate 15
        compress
        delaycompress
        notifempty
        sharedscripts
        dateext
        postrotate
                service httpd restart > /dev/null
        endscript
}