Solved

AIX syslog rotation

Posted on 2001-07-10
11
2,426 Views
Last Modified: 2013-12-23
How do you setup a syslog rotation?

Thanks!
0
Comment
Question by:PAdajar2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 100 total points
ID: 6270489
The most common way to do this is with a boot-time script that copies syslog.log to syslog.log.bak or something like that.  This is what most vendor supplied scripts do.
    cp /var/adm/syslog/syslog.log /var/adm/syslog.log.bak

Better is a script that copies logs out of a cron job to something with  a date extension (make sure you HUP syslogd to make it drop open files before you do the copy)
and then deletes logs over so many days old.
    kill -HUP "$(cat /etc/syslog.pid)"
    cp /var/adm/syslog/syslog.log /var/adm/syslog.log.bak

Best is to parse syslog.conf to get the list of files to roll and then handle each one as above.
    pid="$(cat /etc/syslog.pid)"
    date="$(date +%Y%m%d%M%H%S)"
    grep -v '[  ]*#' /etc/syslog.conf |
    while read spec filename
    do  if [ -f "$filename" ]
          then    kill -HUP "$pid"
                    cp "$filename" "$filename.$date"
         fi
    done
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6271067
> cat /etc/syslog.pid
this is not a reliable pid for the syslog process.
Use somthing like
   ps -ef | grep \syslogd |awk 'print $1'
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6271097
/etc/syslog.pid should be reliable on AIX.  The actual logic I use in my script for this looks like this, however:
#
# This sends a HUP to syslog so it will close it's file descriptors
# and help us assure we're getting all the data.
#
function restart_syslogd {
    for syslog_pidfile in \
      /var/run/syslog.pid \
      /etc/inet/syslog.pid \
      /etc/syslog/syslog.pid \
      /etc/syslog.pid \
      /dev/null
    do  if [ -r "$syslog_pidfile" ]
        then    debug "$0: setting syslog_pidfile to '$syslog_pidfile'"
                break
        fi
    done
    cat "$syslog_pidfile" | read pid
    if [ -z "$pid" ]
    then    debug "$0: getting syslog pid from ps"
            ps -ef | grep /syslogd | grep -v grep | read user pid junk
    fi
    if [ -n "$pid" ]
    then    verbose "restarting syslogd"
            debug "syslog PID is '$pid'"
            if kill -HUP "$pid"
            then    :
            else    warn "$0: can't HUP syslog process '$pid'"
            fi
    else    warn "$0: don't know the syslog process id"
    fi
}
0
Percona Monitoring and Management and Grafana

Proactive monitoring is vital to a highly-available environment. We have a quick start guide on Experts Exchange for Grafana users.

 

Author Comment

by:PAdajar2
ID: 6277078
Im a rookie guys so you have to bear with me.
Where exactly do these scripts go?

Thanks
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6277092
Doesn't matter where you place them in the filesystem.  The important thing is to call them out of cron on whatever schedule you want.  See the man pages for cron and crontab.
0
 

Author Comment

by:PAdajar2
ID: 6277308
k, now how do i customizze this for my system?
0
 

Author Comment

by:PAdajar2
ID: 6295687
how do you make the script delete log files that are x days old?

Thanks again
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6295787
Hey, that's a whole other question ;-)

Anyway, see the man page for find.
0
 

Author Comment

by:PAdajar2
ID: 6295847
thanks! any chance i can also squeeze out of you how you delete the previous contents of the log file as opposed to just appending to the same file?

Thanks
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6295866
> filename
will clobber the previous contents.
0
 

Author Comment

by:PAdajar2
ID: 6295980
thanks!
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month10 days, 11 hours left to enroll

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question