For system administration and diagnostics in Linux, log files are important. However left unattended, they can quickly chock the system. logrotate is a nice utility to handle this.
The configuration file for logrotate is at /etc/logrotate.conf. A sample configuration file may look like (from my ubuntu 14.04 machine)
# see "man logrotate" for details
# rotate log files weekly
# of /var/log/syslog.
su root syslog
# keep 4 weeks worth of backlogs
# create new (empty) log files after rotating old ones
# uncomment this if you want your log files compressed
# packages drop log rotation information into this directory
# no packages own wtmp, or btmp -- we'll rotate them here
create 0664 root utmp
create 0660 root utmp
# system-specific logs may be configured here
For handling each log, either you can put an entry in logrotate.conf file or put it in the /etc/logrotate.d directory. The directory location is mentioned in the last line in the sample logrotate.conf above. The entries on the top are global and can be overridden at individual log handling instance.
For example if you want to handle logs for foo program which is sitting at /etc/foo/*.log . Either put the following entry in logrotate,conf file at the end or make a file with name foo in /etc/logrotate.d
Let's look into the meaning of each options
- weekly : It means the log file will be checked on weekly basis. The other options are daily and monthly
- rotate 10 : It will keep last 10 backups of the log files
- compress : The old files will be kept in a compressed format
If you want to do the truncation on size basis than you can use the size option also. The options becomes as follows:
For 10 MB limitation
This are some of the options. logrotatae comes with a lot of options which can be seen in the manual page of logrotate. For manual page, in Linux you can use the following command