Linux USES logrotate to cut log files
- 2020-05-30 21:44:44
- OfStack
In order to understand the running state of the program when it is running, it will output log files. After a long time, the log files will become very large and even reach the level of GB. I use the logrus package to log in golang application, which is very convenient to configure and use. However, there is no log segmentation function. After running the application online for one month, the log files have reached hundreds of megabytes. Then I discovered logrotate, which is the log splitting tool that comes with centos, and it can be timed to split logs without installing additional components.
1. Operating principle
logrotate cron run by the system, the position in/etc/cron daily/logrotate
#!/bin/sh
/usr/sbin/logrotate -s /var/lib/logrotate/logrotate.status /etc/logrotate.conf
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
/usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit 0
Can see the entrance to the configuration file is/etc logrotate conf, in turn, run/etc/logrotate conf. Found in the configuration file if d configuration logrotate no execution, might check if there is an open system under crond service
2. The configuration
If you have nginx installed, you can refer to the configuration example in nginx
/var/log/nginx/*log {
create 0644 nginx nginx
daily
rotate 10
missingok
notifempty
compress
sharedscripts
postrotate
/bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
endscript
}
Line 1 defines the path to the log file, which can be matched with * wildcard, and 1 can be defined as *.log to match all the log files. You can also specify multiple files, separated by Spaces, for example
/var/log/nginx/access.log /var/log/nginx/error.log {
}
Inside the curly braces are the parameters related to log cutting. Below are the commonly used cutting parameters
Whether compress is on compression, the compression format gzip Unturned compression compresscmd custom compression command compressexty compressed filename suffix compressoptions compression option copy copy 1 file create, followed by mode owner group, sets the permissions for the new log file daily is divided by the day weekly is divided by week monthly is divided by month rotate is followed by a number indicating that the history of a file needs to be kept, and if the number is exceeded, it will be deleted or sent by email size is split after the file size, such as 100k, 100M missingok ignores nonexistent files and makes no errors notifempty does not split empty files sharedscripts works with postrotate and prerotate to make them execute only once After the postrotate/endscript file is split, execute the command between postrotate and endscript Before the prerotate/endscript file is split, execute the command between prerotate and endscriptLet's look at some examples
/var/log/httpd/error.log {
rotate 5
mail i@wuyuans.com
size=100k
sharedscripts
postrotate
/sbin/killall -HUP httpd
endscript
}
Cutting/var/log/httpd/error log log files, and more than 100 k after cutting, keep the latest five history, more than 5 email to fss@qq.com, postrotate command is to let httpd reopen the log file.
/var/lib/mysql/mysqld.log {
# create 600 mysql mysql
notifempty
daily
rotate 3
missingok
compress
postrotate
# just if mysqld is really running
if test -x /usr/bin/mysqladmin && \
/usr/bin/mysqladmin ping &>/dev/null
then
/usr/bin/mysqladmin --local flush-error-log \
flush-engine-log flush-general-log flush-slow-log
fi
endscript
}
This is a cut of the mysql log, 1 copy per day, ignore empty files, keep the latest 3 copies, and use gzip compression
/home/wuyuan/log/*.log {
su wuyuan wuyuan
create 0777 wuyuan wuyuan
daily
rotate 10
olddir /home/wuyuan/log/old
missingok
postrotate
endscript
nocompress
}
This is the configuration item I am using, cutting all the log files, log files, 1 copy per day, keeping 10 copies, setting permissions 777 for new files, keeping the historical files in old directory for easy viewing. Because the application's logrus USES append to write to the log, there is no need to reopen the log file, which logrus does quite well.
3. The test
After writing the configuration file, you can manually execute it to verify that it is available.
logrotate -f /etc/logrotate.d/wuyuan
Where -f stands for enforcement, other commands can be viewed with help
logrotate --help
usage : logrotate [OPTION...] <configfile>
-d, --debug Don't do anything, just test (implies -v)
-f, --force Force file rotation
-m, --mail=command Command to send mail (instead of `/bin/mail')
-s, --state=statefile Path of state file
-v, --verbose Display messages during rotation
-l, --log=STRING Log file
--version Display version information
Help options:
-?, --help Show this help message
--usage Display brief usage message
If there is no problem, the log will be moved to the old directory with the date, and the previous log file will be emptied