Solved

AIX syslog rotation

Posted on 2001-07-10
11
2,420 Views
Last Modified: 2013-12-23
How do you setup a syslog rotation?

Thanks!
0
Comment
Question by:PAdajar2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 100 total points
ID: 6270489
The most common way to do this is with a boot-time script that copies syslog.log to syslog.log.bak or something like that.  This is what most vendor supplied scripts do.
    cp /var/adm/syslog/syslog.log /var/adm/syslog.log.bak

Better is a script that copies logs out of a cron job to something with  a date extension (make sure you HUP syslogd to make it drop open files before you do the copy)
and then deletes logs over so many days old.
    kill -HUP "$(cat /etc/syslog.pid)"
    cp /var/adm/syslog/syslog.log /var/adm/syslog.log.bak

Best is to parse syslog.conf to get the list of files to roll and then handle each one as above.
    pid="$(cat /etc/syslog.pid)"
    date="$(date +%Y%m%d%M%H%S)"
    grep -v '[  ]*#' /etc/syslog.conf |
    while read spec filename
    do  if [ -f "$filename" ]
          then    kill -HUP "$pid"
                    cp "$filename" "$filename.$date"
         fi
    done
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6271067
> cat /etc/syslog.pid
this is not a reliable pid for the syslog process.
Use somthing like
   ps -ef | grep \syslogd |awk 'print $1'
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6271097
/etc/syslog.pid should be reliable on AIX.  The actual logic I use in my script for this looks like this, however:
#
# This sends a HUP to syslog so it will close it's file descriptors
# and help us assure we're getting all the data.
#
function restart_syslogd {
    for syslog_pidfile in \
      /var/run/syslog.pid \
      /etc/inet/syslog.pid \
      /etc/syslog/syslog.pid \
      /etc/syslog.pid \
      /dev/null
    do  if [ -r "$syslog_pidfile" ]
        then    debug "$0: setting syslog_pidfile to '$syslog_pidfile'"
                break
        fi
    done
    cat "$syslog_pidfile" | read pid
    if [ -z "$pid" ]
    then    debug "$0: getting syslog pid from ps"
            ps -ef | grep /syslogd | grep -v grep | read user pid junk
    fi
    if [ -n "$pid" ]
    then    verbose "restarting syslogd"
            debug "syslog PID is '$pid'"
            if kill -HUP "$pid"
            then    :
            else    warn "$0: can't HUP syslog process '$pid'"
            fi
    else    warn "$0: don't know the syslog process id"
    fi
}
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 

Author Comment

by:PAdajar2
ID: 6277078
Im a rookie guys so you have to bear with me.
Where exactly do these scripts go?

Thanks
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6277092
Doesn't matter where you place them in the filesystem.  The important thing is to call them out of cron on whatever schedule you want.  See the man pages for cron and crontab.
0
 

Author Comment

by:PAdajar2
ID: 6277308
k, now how do i customizze this for my system?
0
 

Author Comment

by:PAdajar2
ID: 6295687
how do you make the script delete log files that are x days old?

Thanks again
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6295787
Hey, that's a whole other question ;-)

Anyway, see the man page for find.
0
 

Author Comment

by:PAdajar2
ID: 6295847
thanks! any chance i can also squeeze out of you how you delete the previous contents of the log file as opposed to just appending to the same file?

Thanks
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6295866
> filename
will clobber the previous contents.
0
 

Author Comment

by:PAdajar2
ID: 6295980
thanks!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Connectivity drops 9 68
Recommendation for open source Monitoring 7 93
SBS2011 VPN users no longer connecting 4 72
How do I enable VPN on server 2008 R2 19 50
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question