How to Install Logrotate and Configure Nginx Log Rotation

nginx log rotateLogrotate is a utility designed to ease administration of systems that generate large numbers of log files. It takes care of automatic log file rotation, compression, removal, and mailing of log files. All the services or applications deployed on the server generates log’s in a file for each action that is performed on the system/application/ by a user. Over a period of time, it becomes a tedious task to manage such log files. These log files will grow in large sizes and the application performance would deteriorate periodically. On a long term, it will contribute to a potential risk of making a system unresponsive due to the lack of disk space.

To mitigate such issues and maintain log files we utilize “logrotate”. This tool is designed to simplify the management of log files on systems that generate many large log files.

In this article, we will talk more about logrotate utility and how to configure Nginx log rotation.

Installation

In most distributions, it is installed and configured by default. In order to install the package, check if the package is installed, else install the package as described.

# rpm -qa | grep logrotate
 logrotate-3.8.6-12.el7.x86_64

Here, it seems to be installed by default. If this query reports none, then you can install it on a CentOS 7 server with the command below:

#yum install logrotate -y

Running logrotate

Logrotate helps system administrators to systematically rotate and archive any log files produced by the system and thereby reducing an operating system's disk space requirement. Normally, logrotate run as a daily cron job.  It will not modify a log multiple times in a day.

# cat /etc/cron.daily/logrotate
#!/bin/sh

/usr/sbin/logrotate -s /var/lib/logrotate/logrotate.status /etc/logrotate.conf
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
/usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi

Understanding the Configuration files

By default, when the logrotate is installed, you can locate its main configuration file here: /etc/logrotate.conf

 

Logrotate includes the directory /etc/logrotate.d/ where you configure the different logs (daemons and services on which you want to rotate logs). All the service specific configuration files are stored in /etc/logrotate.d/.

The main configuration file /etc/logrotate.conf contains a generic configuration. Please take a look at my default logrotate configuration file:

Line 3 - weekly: This configuration option ensures a weekly rotation of all log files defined in main configuration file and in /etc/logrotate.d/ directory.
Line 6 - rotate 4: It ensures that logrotate keeps a 4 weeks backup of all log files.
Line 9 - create: this option instructs logrotate to create new empty log files after each rotation
Line 12 - dateext: This appends an extension to all rotated log files in form of date when each particular log file was processed by logrotate
Line 15 - compress: This compresses the rotated log file.
Line 18 - include /etc/logrotate.d: This include all other configuration from directory /etc/logrotate.d.
Line 21 - 33 contains a specific service log rotate configuration

Configuring Nginx logrotation

For most of the services a default service log rotate configuration file will be created automatically in the /etc/logrotate.d/ folder.  All packages usually include a log rotation configuration, even if logrotate is not installed on the system. However, if we have compiled Nginx from sources, it will be necessary to define our own log rotation settings manually inside the /etc/logrotate.d/ folder with the log file location mentioned in the Nginx configuration file.

Please see the default Nginx log rotation configuration created on my server by the installation.

# cat -n /etc/logrotate.d/nginx
1 /var/log/nginx/*log {
2 create 0644 nginx nginx
3 daily
4 rotate 10
5 missingok
6 notifempty
7 compress
8 sharedscripts
9 postrotate
10 /bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
11 endscript
12 }
13

Line 1 - /var/log/nginx/*log: This defines all the Nginx log files located at /var/log/nginx/. TIP: If you wish to include multiple log files in a single configuration file use wildcard, just like this "/var/log/nginx/*log". For a single log file, you can just mention that log file as "/var/log/nginx/error.log".
Line 2 - create: This creates a new log file and set the permission 644 with the ownership nginx.
Line 3 - daily: ensures daily rotation
Line 4 - rotate 10: Save 10 copies of the log file.
Line 5 - missingok: Do not output error if logfile is missing.
Line 6 - notifempty: Donot rotate log file if it is empty.
Line 7 - compress: Compress the old copies of log files with gzip(1) by default
Line 8 - sharedscripts: This makes the scripts to run once, no matter how many logs match the wildcarded pattern, and whole pattern is passed to them.
Line 9 to 11 - postrotate/endscript: The lines between postrotate and endscript (both of which must appear on lines by themselves) are executed after the log file is rotated. These directives may only appear inside a log file definition.

This logrotate utility has many more configuration options. You can get a complete list of those options from its manual page by just running this:

#man logrotate

Checking the Logrotation Status

The file "/var/lib/logrotate.status" contains all information about the logrotation status. Hence, to validate the logrotate run status for each configuration file added and verify the status of each one of them, we can run the command below; It will list run time for each config
file.

# cat /var/lib/logrotate.status
logrotate state -- version 2
"/var/log/nginx/error.log" 2017-8-14-7:45:47
"/var/log/yum.log" 2017-8-14-7:45:47
"/var/log/chrony/*.log" 2017-8-14-7:0:0
"/var/log/wtmp" 2017-8-14-7:45:47
"/var/log/spooler" 2017-8-14-7:0:0
"/var/log/btmp" 2017-8-14-7:45:47
"/var/log/maillog" 2017-8-14-7:45:47
"/var/log/wpa_supplicant.log" 2017-8-14-7:0:0
"/var/log/secure" 2017-8-14-7:45:47
"/var/log/nginx/access.log" 2017-8-14-7:45:47
"/var/log/ppp/connect-errors" 2017-8-14-7:0:0
"/var/log/messages" 2017-8-14-7:45:47
"/var/log/cron" 2017-8-14-7:45:47

This will provide you with the latest logrotate status.

We can run a specific logrotate file manually or forcefully by the following command.

logrotate -f /etc/logrotate.d/nginx

Or  we can even rotate all the logs  in verbose mode with the command below:

logrotate -f -v /etc/logrotate.conf

Logrotate helps you to manage your log files efficiently and save some disk space by compressing/removing your log files. It may also help you to archive your log files for a future reference by creating an extra copy or by emailing you any newly rotated log files. We can even adjust the configuration to handle each log file daily, weekly, monthly, or when it grows too large. I would recommend using logrotate utility for an easy management of your log files.

Saheetha Shameer 7:16 pm

About Saheetha Shameer

Self-motivated and dedicated Linux Administrator having 10 years of working experience on various web-hosting control panels and Unix distributions. I'm a quick learner and have a slight inclination towards following the current and emerging trends in the industry. I'm passionate about testing/reviewing new Linux applications and open source tools.

Author's All Posts
Like to become part of Linoxide Team and contribute tips? Contact us here.

Comments

Your email address will not be published. Required fields are marked *

All comments are subject to moderation.

1 Comment