- The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size.
By default, logrotate's rotation consists of renaming existing log files with a numerical suffix, then recreating the original empty log file. For example,
/var/log/syslog.log is renamed
/var/log/syslog.log.1 already exists from a previous rotation, it is first renamed
/var/log/syslog.log.2. (The number of backlogs to keep can be configured.)
Logrotate can be installed with thepackage. It is installed by default as it is member of the group.
By default, logrotate runs daily using a systemd timer:
The primary configuration file for logrotate which sets default parameters is
/etc/logrotate.conf; additional application-specific configuration files are included from the
/etc/logrotate.d directory. Values set in application-specific configuration files override those same parameters in the primary configuration file.
To verify if logrotate works correctly run the following command which will produce debug output:
To test your logrotate script, for example your nginx logrotate script in /etc/logrotate.d directory, use:
logrotate -f -v /etc/logrotate.d/nginx
exim log not rotated
If you have set the
olddir variable in
/etc/logrotate.conf, you will get a message such as:
error: failed to rename /var/log/exim/mainlog to /var/log/old/mainlog.1: Permission denied
To fix this, add the user
exim to the group
log. Then change the group of the
log instead of the default
Check logrotate status
cat /var/lib/logrotate.status to see which logrotate files were rotated.
"/var/log/mysql/query.log" 2016-3-20-5:0:0 "/var/log/samba/samba-smbd.log" 2016-3-21-5:0:0 "/var/log/httpd/access_log" 2016-3-20-5:0:0