• Post Reply Bookmark Topic Watch Topic
  • New Topic

Log Rotation does not seem to be working CentOS4.5  RSS feed

 
Jason Kretzer
Ranch Hand
Posts: 280
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey Gang,

Another day, another issue...

for some reason the log file for snort

/var/log/snort/alert

is not getting rotated daily. It is just getting
bigger and bigger. I have taken a look at the
logrotate services and it should be rotating properly.
Anyone have any ideas here? I am attaching the
appropriate logrotate config files below. Let me know if you need more information.

Thanks,

-Jason


============================================
# /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
weekly

# keep 4 weeks worth of backlogs
rotate 4

# create new (empty) log files after rotating old ones
create

# uncomment this if you want your log files compressed
#compress

# RPM packages drop log rotation information into this
directory
include /etc/logrotate.d

# no packages own wtmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}
============================================


============================================
# /etc/logrotate.d/snort
# $Id$

/var/log/snort/alert /var/log/snort/*log
/var/log/snort/*/alert /var/log/snort/*/*log {
daily
rotate 7
compress
missingok
notifempty
create 0640 snort adm
sharedscripts
postrotate
/etc/init.d/snortd restart 1>/dev/null || true
endscript
}
============================================

Anything I am missing here?
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!