?
Solved

FreeBSD Logrotate and FTP

Posted on 2014-01-10
15
Medium Priority
?
917 Views
Last Modified: 2016-02-11
I am not a FreeBSD or Linux expert--quickly becoming so--and I have a server that generates large and frequent FreeRADIUS detail files. I was told that there is an built-in logrotate in FreeBSD, but my machine (inherited) doesn't have it. I need to install that, and then either have a log rotation to save disk space, or have a way to send the files--then delete them from the server--to a jumpbox to be accessed by ftp by other IT people who don't have access to the server. Is this possible? and how would it be done?

Thanks
0
Comment
Question by:RDM1776
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 4
15 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39772947
I'm also learning through experience with FreeBSD and From a similar situation I found rsyslog. It takes over syslog and can also pull log files if you can't write using syslog directly. Then I added the elasticsearch output module and push to an elasticsearch setup on centos that was super easy to create. From there you can use kibana or whatever you want to view the logs.

I know this isn't exactly what you asked about but I hope my limited experience can help in this area. If you need any more details I have notes of everything I did and config files.
0
 

Author Comment

by:RDM1776
ID: 39773380
Yes, I'd like to see what you have, it might work to give me an alternative solution.
0
 
LVL 62

Expert Comment

by:gheist
ID: 39773782
BSD never had logrotate.
nesyslog is rotating logs and has good manuals (even less one might replace system's default logger with something blurry and unsecure)
0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 
LVL 39

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 1500 total points
ID: 39773826
Here are my notes installing rsyslog on FreeBSD
/////////////////////////////////////replace syslog with rsyslog
cd /usr/ports/sysutils/rsyslog7
//add the RELP as we may use that to send to another rsyslog
make install clean
//To start using rsyslogd, stop syslogd if it's running:
/etc/rc.d/syslogd stop

//And add the following lines to /etc/rc.conf:
syslogd_enable="NO"
rsyslogd_enable="YES"

//newsyslog has the path of syslogd's pid file hardcoded. To make it work seamlessly with rsyslog, add this:
rsyslogd_pidfile="/var/run/syslog.pid"

//I copied /etc/syslog.conf to start
cp /etc/syslog.conf /usr/local/etc/rsyslog.conf
//the added the three modules suggested and change the !ppp to an if statement
$ModLoad immark.so   # provides --MARK-- message capability
$ModLoad imuxsock.so # provides support for local system logging
$ModLoad imklog.so   # kernel logging

 if $programname == 'ppp' then {
*.*                                             /var/log/ppp.log
}



I'll send the rest when I'm at a computer
0
 
LVL 62

Expert Comment

by:gheist
ID: 39773922
I wonder how that eventually can do any log rotation at all

pkg_add -r syslog-ng rsyslog
might be much faster and leave less dirt on the disk...
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39774051
Rsyslog has an elasticsearch output module. Like I said before, pushing to that is all I have experience with and the author asked to see it
0
 
LVL 62

Expert Comment

by:gheist
ID: 39774400
detail files is essentially logs by radius clients.
you can replace them with syslog, and plainly disable detail listener.
0
 

Author Comment

by:RDM1776
ID: 39777256
Or simply, is there an elegant way to just scp these files to another server that isn't quite as locked down, and just have a cron job that periodically deletes the files?
0
 
LVL 62

Expert Comment

by:gheist
ID: 39777354
Maybe not create them first hand...
0
 
LVL 62

Expert Comment

by:gheist
ID: 39777379
Well freebsd has cron too...
0
 
LVL 39

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 1500 total points
ID: 39777423
if you write an .sh script that does the copy and delete, then you just add that script to cron. Might want to make sure in the script the files are actually copied before deleting.
0
 

Author Comment

by:RDM1776
ID: 39782196
I am so new at server management it is not funny. That said, I like that idea of a script, but I would need at least an example so that I have an idea of where to go with it.
0
 
LVL 62

Expert Comment

by:gheist
ID: 39783731
The detail files come from remote devices
You can dysable them on remote devices while converting logging to syslog.
0
 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 1500 total points
ID: 39789228
Basically anything you do on the command line can go into a .sh script. Just remember to mark it as executable with chmod.
So search for instructions on how to ftp and copy from the command line and you can make a script.

That said, sending the logs directly to syslog instead of a file is a much better solution.
0
 

Author Closing Comment

by:RDM1776
ID: 39792769
These are decent directions to search to help me solve the issue. I'll have to research more and decide how to do it. Thanks
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to update Firmware and Bios in Dell Equalogic PS6000 Arrays and Hard Disks firmware update.
Each year, investment in cloud platforms grows more than 20% (https://www.immun.io/hubfs/Immunio_2016/Content/Marketing/Cloud-Security-Report-2016.pdf?submissionGuid=a8d80a00-6fee-4b85-81db-a4e28f681762) as an increasing number of companies begin to…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video teaches viewers how to encrypt an external drive that requires a password to read and edit the drive. All tasks are done in Disk Utility. Plug in the external drive you wish to encrypt: Make sure all previous data on the drive has been …
Suggested Courses
Course of the Month9 days, 8 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question