Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- executable script /etc/cron.daily/logrotate has in it, amount other things, the command:
- /usr/sbin/logrotate /etc/logrotate.conf
- /etc/logrotate.conf has in it, among other things
- include /etc/logrotate.d
- /etc/logrotate.d/syslog-ng has in it, among other things:
- /var/log/remote/*/*.txt
- {
- rotate 8
- maxage 30
- daily
- missingok
- compress
- delaycompress
- postrotate
- invoke-rc.d syslog-ng reload > /dev/null
- endscript
- }
- That was set that way yesterday just before noon.
- An example directory listing for /var/log/remote/10.128.0.3/log.txt shows only
- drwxr-xr-x 2 root adm 4096 May 26 11:49 ./
- drwxr-xr-x 24 root adm 4096 May 26 23:10 ../
- -rw-r--r-- 1 root adm 456943474 May 27 14:55 log.txt
- And finally, log.txt in there has lines covering the period:
- head -n 2 log.txt && tail -n 2 log.txt
- May 26 11:38:02 10.128.0.3 %ASA-5-304001: 10.134.0.104 Accessed URL 108.168.240.194:http://tags.[snip]
- May 26 11:38:02 10.128.0.3 %ASA-5-304001: 10.134.0.104 Accessed URL 98.139.225.42:http://ads.yahoo[snip]
- May 27 14:56:54 10.128.0.3 %ASA-5-304001: 10.144.0.76 Accessed URL 98.139.199.205:https://98.139.199.205/
- May 27 14:56:54 10.128.0.3 %ASA-5-304001: 10.168.0.62 Accessed URL 23.74.9.136:http://crl.microsoft.[snip]
- /var/lib/logrotate/status contains a line for the above sample directory:
- "/var/log/remote/10.128.0.3/log.txt" 2015-5-27-6:0:0
- I don't know how to interpret the "-6:0:0" in the line above.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement