Blogumé part deux: Log Rotation
I spent the morning at work:
Update: just checked on the state of the logs on the production webservers, a bit more than a week after doing this. It's so much better.
- rotating neglected logs on our production web and database servers
- setting up logrotate scripts to keep the logs fresh
Log RotationWhy is this important? Because without regular log rotation:
A log management process where logs are moved, renamed, or over written for system resource management and archival.
Rotation is usually based on time or size. Rotation usually includes some form of log identification. Log identification may take a number of forms, all intended to represent the current log, next current log, and so on up to some number of logs. When reaching a limit to the number of logs, the oldest log is removed before the current log is created.
- Your logs will grow too big to use. In my environment, a file bigger than about 3 GB is useless. The file I was trying to examine was over 30 GB. That's 30,000,000,000 bytes of logs.
- If totally neglected, your logs can fill their partition. At best logging stops; at worst the application itself stops (typically around 3 AM some Sunday morning).
Update: just checked on the state of the logs on the production webservers, a bit more than a week after doing this. It's so much better.
Comments