Ok..
I am using a Raspberry Pi as a syslog server for a Cisco ASA and a Cisco router.
Logs are being captured in the /var/log/network destination. They are currently logged in the format _$MONTH$DAY$YEAR.log, using ROUTER or FIREWALL as the device.
So far it is working well! I am getting logs split by day for both the router and the firewall. The problem is that I am getting very large logs... very quickly, thanks to the ASA.
I am new to logrotate, so this is what I have so far:
In the /etc/logrotate.d/syslog-ng directory...
/var/log/network/*.log*
{
    rotate 5
}
For the global options in the logrotate.conf file:
admin@kylespi:/etc$ more logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# uncomment this if you want your log files compressed
#compress
# packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp, or btmp -- we'll rotate them here
/var/log/wtmp {
    missingok
    monthly
    create 0664 root utmp
    rotate 1
}
/var/log/btmp {
    missingok
    monthly
    create 0660 root utmp
    rotate 1
}
Now... when I try to force logrotate to run:
sudo logrotate /etc/logrotate.d -v
Instead of deleting files that are more than 5 days old (based on the rotate 5 command).. I get this:
admin@kylespi:/etc$ sudo ls /var/log/network
FIREWALL_03052014.log FIREWALL_03072014.log FIREWALL_03092014.log.1.1.1.1.1.1 FIREWALL_03122014.log.1.1.1.1.1.1
FIREWALL_03052014.log.1.1.1.1.1.1 FIREWALL_03072014.log.1.1.1.1.1.1 FIREWALL_03102014.log.1.1.1.1.1.1 ROUTER_03082014.log
FIREWALL_03062014.log FIREWALL_03082014.log FIREWALL_03112014.log.1.1.1.1.1.1
FIREWALL_03062014.log.1.1.1.1.1.1 FIREWALL_03082014.log.1.1.1.1.1.1 FIREWALL_03122014.log
If it helps, the output of the "logrotate /etc/logrotate.d -v" command shows the following:
admin@kylespi:/etc/logrotate.d$ sudo logrotate /etc/logrotate.d/syslog-ng -v
[sudo] password for admin:
reading config file /etc/logrotate.d/syslog-ng
Handling 1 logs
rotating pattern: /var/log/network/*.log*
1048576 bytes (5 rotations)
empty log files are rotated, old logs are removed
considering log /var/log/network/FIREWALL_03052014.log
log does not need rotating
considering log /var/log/network/FIREWALL_03052014.log.1.1.1.1.1
log needs rotating
considering log /var/log/network/FIREWALL_03062014.log
log does not need rotating
considering log /var/log/network/FIREWALL_03062014.log.1.1.1.1.1
log needs rotating
considering log /var/log/network/FIREWALL_03072014.log
log does not need rotating
considering log /var/log/network/FIREWALL_03072014.log.1.1.1.1.1
log needs rotating
considering log /var/log/network/FIREWALL_03082014.log
log does not need rotating
considering log /var/log/network/FIREWALL_03082014.log.1.1.1.1.1
log needs rotating
considering log /var/log/network/FIREWALL_03092014.log.1.1.1.1.1
log needs rotating
considering log /var/log/network/FIREWALL_03102014.log.1.1.1.1.1
log needs rotating
considering log /var/log/network/FIREWALL_03112014.log.1.1.1.1.1
log needs rotating
considering log /var/log/network/FIREWALL_03122014.log
log does not need rotating
considering log /var/log/network/FIREWALL_03122014.log.1.1.1.1.1
log needs rotating
considering log /var/log/network/ROUTER_03082014.log
log does not need rotating
rotating log /var/log/network/FIREWALL_03052014.log.1.1.1.1.1, log->rotateCount is 5
dateext suffix '-20140312'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
renaming /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.5 to /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.6 (rotatecount 5, logstart 1, i 5),
old log /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.5 does not exist
renaming /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.4 to /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.5 (rotatecount 5, logstart 1, i 4),
old log /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.4 does not exist
renaming /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.3 to /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.4 (rotatecount 5, logstart 1, i 3),
old log /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.3 does not exist
renaming /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.2 to /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.3 (rotatecount 5, logstart 1, i 2),
old log /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.2 does not exist
renaming /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.1 to /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.2 (rotatecount 5, logstart 1, i 1),
old log /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.1 does not exist
renaming /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.0 to /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.1 (rotatecount 5, logstart 1, i 0),
old log /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.0 does not exist
log /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.6 doesn't exist -- won't try to dispose of it
renaming /var/log/network/FIREWALL_03052014.log.1.1.1.1.1 to /var/log/network/FIREWALL_03052014.log.1.1.1.1.1.1
rotating log /var/log/network/FIREWALL_03062014.log.1.1.1.1.1, log->rotateCount is 5
dateext suffix '-20140312'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
renaming /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.5 to /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.6 (rotatecount 5, logstart 1, i 5),
old log /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.5 does not exist
renaming /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.4 to /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.5 (rotatecount 5, logstart 1, i 4),
old log /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.4 does not exist
renaming /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.3 to /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.4 (rotatecount 5, logstart 1, i 3),
old log /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.3 does not exist
renaming /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.2 to /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.3 (rotatecount 5, logstart 1, i 2),
old log /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.2 does not exist
renaming /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.1 to /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.2 (rotatecount 5, logstart 1, i 1),
old log /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.1 does not exist
renaming /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.0 to /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.1 (rotatecount 5, logstart 1, i 0),
old log /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.0 does not exist
log /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.6 doesn't exist -- won't try to dispose of it
renaming /var/log/network/FIREWALL_03062014.log.1.1.1.1.1 to /var/log/network/FIREWALL_03062014.log.1.1.1.1.1.1
rotating log /var/log/network/FIREWALL_03072014.log.1.1.1.1.1, log->rotateCount is 5
dateext suffix '-20140312'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
renaming /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.5 to /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.6 (rotatecount 5, logstart 1, i 5),
old log /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.5 does not exist
renaming /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.4 to /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.5 (rotatecount 5, logstart 1, i 4),
old log /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.4 does not exist
renaming /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.3 to /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.4 (rotatecount 5, logstart 1, i 3),
old log /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.3 does not exist
renaming /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.2 to /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.3 (rotatecount 5, logstart 1, i 2),
old log /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.2 does not exist
renaming /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.1 to /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.2 (rotatecount 5, logstart 1, i 1),
old log /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.1 does not exist
renaming /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.0 to /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.1 (rotatecount 5, logstart 1, i 0),
old log /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.0 does not exist
log /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.6 doesn't exist -- won't try to dispose of it
renaming /var/log/network/FIREWALL_03072014.log.1.1.1.1.1 to /var/log/network/FIREWALL_03072014.log.1.1.1.1.1.1
rotating log /var/log/network/FIREWALL_03082014.log.1.1.1.1.1, log->rotateCount is 5
dateext suffix '-20140312'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
renaming /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.5 to /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.6 (rotatecount 5, logstart 1, i 5),
old log /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.5 does not exist
renaming /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.4 to /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.5 (rotatecount 5, logstart 1, i 4),
old log /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.4 does not exist
renaming /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.3 to /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.4 (rotatecount 5, logstart 1, i 3),
old log /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.3 does not exist
renaming /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.2 to /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.3 (rotatecount 5, logstart 1, i 2),
old log /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.2 does not exist
renaming /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.1 to /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.2 (rotatecount 5, logstart 1, i 1),
old log /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.1 does not exist
renaming /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.0 to /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.1 (rotatecount 5, logstart 1, i 0),
old log /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.0 does not exist
log /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.6 doesn't exist -- won't try to dispose of it
renaming /var/log/network/FIREWALL_03082014.log.1.1.1.1.1 to /var/log/network/FIREWALL_03082014.log.1.1.1.1.1.1
rotating log /var/log/network/FIREWALL_03092014.log.1.1.1.1.1, log->rotateCount is 5
dateext suffix '-20140312'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
renaming /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.5 to /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.6 (rotatecount 5, logstart 1, i 5),
old log /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.5 does not exist
renaming /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.4 to /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.5 (rotatecount 5, logstart 1, i 4),
old log /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.4 does not exist
renaming /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.3 to /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.4 (rotatecount 5, logstart 1, i 3),
old log /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.3 does not exist
renaming /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.2 to /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.3 (rotatecount 5, logstart 1, i 2),
old log /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.2 does not exist
renaming /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.1 to /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.2 (rotatecount 5, logstart 1, i 1),
old log /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.1 does not exist
renaming /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.0 to /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.1 (rotatecount 5, logstart 1, i 0),
old log /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.0 does not exist
log /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.6 doesn't exist -- won't try to dispose of it
renaming /var/log/network/FIREWALL_03092014.log.1.1.1.1.1 to /var/log/network/FIREWALL_03092014.log.1.1.1.1.1.1
rotating log /var/log/network/FIREWALL_03102014.log.1.1.1.1.1, log->rotateCount is 5
dateext suffix '-20140312'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
renaming /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.5 to /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.6 (rotatecount 5, logstart 1, i 5),
old log /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.5 does not exist
renaming /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.4 to /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.5 (rotatecount 5, logstart 1, i 4),
old log /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.4 does not exist
renaming /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.3 to /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.4 (rotatecount 5, logstart 1, i 3),
old log /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.3 does not exist
renaming /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.2 to /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.3 (rotatecount 5, logstart 1, i 2),
old log /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.2 does not exist
renaming /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.1 to /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.2 (rotatecount 5, logstart 1, i 1),
old log /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.1 does not exist
renaming /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.0 to /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.1 (rotatecount 5, logstart 1, i 0),
old log /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.0 does not exist
log /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.6 doesn't exist -- won't try to dispose of it
renaming /var/log/network/FIREWALL_03102014.log.1.1.1.1.1 to /var/log/network/FIREWALL_03102014.log.1.1.1.1.1.1
rotating log /var/log/network/FIREWALL_03112014.log.1.1.1.1.1, log->rotateCount is 5
dateext suffix '-20140312'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
renaming /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.5 to /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.6 (rotatecount 5, logstart 1, i 5),
old log /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.5 does not exist
renaming /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.4 to /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.5 (rotatecount 5, logstart 1, i 4),
old log /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.4 does not exist
renaming /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.3 to /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.4 (rotatecount 5, logstart 1, i 3),
old log /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.3 does not exist
renaming /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.2 to /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.3 (rotatecount 5, logstart 1, i 2),
old log /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.2 does not exist
renaming /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.1 to /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.2 (rotatecount 5, logstart 1, i 1),
old log /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.1 does not exist
renaming /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.0 to /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.1 (rotatecount 5, logstart 1, i 0),
old log /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.0 does not exist
log /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.6 doesn't exist -- won't try to dispose of it
renaming /var/log/network/FIREWALL_03112014.log.1.1.1.1.1 to /var/log/network/FIREWALL_03112014.log.1.1.1.1.1.1
rotating log /var/log/network/FIREWALL_03122014.log.1.1.1.1.1, log->rotateCount is 5
dateext suffix '-20140312'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
renaming /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.5 to /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.6 (rotatecount 5, logstart 1, i 5),
old log /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.5 does not exist
renaming /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.4 to /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.5 (rotatecount 5, logstart 1, i 4),
old log /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.4 does not exist
renaming /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.3 to /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.4 (rotatecount 5, logstart 1, i 3),
old log /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.3 does not exist
renaming /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.2 to /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.3 (rotatecount 5, logstart 1, i 2),
old log /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.2 does not exist
renaming /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.1 to /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.2 (rotatecount 5, logstart 1, i 1),
old log /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.1 does not exist
renaming /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.0 to /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.1 (rotatecount 5, logstart 1, i 0),
old log /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.0 does not exist
log /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.6 doesn't exist -- won't try to dispose of it
renaming /var/log/network/FIREWALL_03122014.log.1.1.1.1.1 to /var/log/network/FIREWALL_03122014.log.1.1.1.1.1.1
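
Added example, not part of the original post: the verbose output above shows logrotate treating files that already end in .1.1.1.1.1 as logs to rotate, which is what the *.log* pattern selects. The sketch below checks which names each pattern matches and, because rotate 5 counts rotations rather than days, picks expiry candidates from the MMDDYYYY stamp in the file name. The function names, the cutoff argument and the sample names (modelled on the listing in the post) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample names, modelled on the directory listing in the post.
SAMPLE="FIREWALL_03052014.log FIREWALL_03052014.log.1.1.1.1.1.1 FIREWALL_03122014.log ROUTER_03082014.log"

# Does a shell-style glob (as used in a logrotate stanza) match this name?
glob_matches() {  # $1 = pattern, $2 = file name
    case "$2" in
        $1) return 0 ;;
        *)  return 1 ;;
    esac
}

# Count how many of the given names a pattern would select for rotation.
count_matches() {  # $1 = pattern, remaining args = file names
    pattern=$1; shift; n=0
    for name in "$@"; do
        if glob_matches "$pattern" "$name"; then n=$((n + 1)); fi
    done
    echo "$n"
}

# Print names whose embedded MMDDYYYY stamp is older than a YYYYMMDD cutoff.
# The stamp comes from the name, so copies that already carry .1 suffixes are
# judged by the day they were written, not by how often they were renamed.
expired_logs() {  # $1 = cutoff as YYYYMMDD, remaining args = file names
    cutoff=$1; shift
    for name in "$@"; do
        stamp=${name#*_}      # drop the DEVICE_ prefix
        stamp=${stamp%%.*}    # drop .log and any rotation suffixes
        case "$stamp" in
            [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;;
            *) continue ;;    # not DEVICE_MMDDYYYY.log*, leave it alone
        esac
        mmdd=${stamp%????}; yyyy=${stamp#????}
        if [ "$yyyy$mmdd" -lt "$cutoff" ]; then echo "$name"; fi
    done
}

# Word splitting of $SAMPLE is intended: one argument per file name.
echo "*.log* selects $(count_matches '*.log*' $SAMPLE) of 4 names"
echo "*.log  selects $(count_matches '*.log' $SAMPLE) of 4 names"
echo "written before 20140308:"
expired_logs 20140308 $SAMPLE
```

The names printed by expired_logs are candidates only; review the list before removing anything from a collector that holds firewall logs.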