Rotating System Logs

• rsyslog

• create <mode> <owner> <group> - permissions
• dateext - append the date to the extension instead of a number – default is -YYYYMMDD
• ifempty - rotate the log even if the file is empty (default)
• maxage <count> - remove rotated logs older than <count> days
• missingok - if the log file is missing, go ahead to the next one – by default, nomissingok is set
• rotate <count> - log files are rotated <count> times before being removed

/var/log/php_error.log {
# compress old logs with gzip
compress

# zero out the old file instead of creating a new one
# this is simpler than setting the permissions in the config file
copytruncate

# create a new log file immediately after rotation and use these
# permissions if you want
# create 664 root www-logs

# If the log file is missing, go on to the next one without issuing an error message
missingok

# Do not rotate the log if it is empty
notifempty
}

See http://www.question-defense.com/2010/01/10/postfix-logrotate-script-for-gentoo-linux

I prefer to run ours daily.

/var/log/mail.* {
  missingok
  notifempty
  weekly
  rotate 3
  compress
  sharedscripts
  postrotate
    /etc/init.d/postfix reload > /dev/null 2>&1 || true
  endscript
}

For stats:

# pflogsumm.pl -d today /var/log/mail.log

• NetBSD

1/ modify /usr/pkg/etc/logrotate.conf to your needs,
or better, add your own configuration files in
/usr/pkg/etc/logrotate.d/

2/ set up a daily cron job for logrotate in root's crontab;
this can be done with one of the following line:
0 0 * * * /bin/sh /usr/pkg/share/examples/logrotate/logrotate.cron
0 0 * * * /usr/pkg/bin/logrotate /usr/pkg/etc/logrotate.conf

• netatalk

Any options will work, but copytruncate is necessary so that logs are continually written to.

/var/log/netatalk.log {
        notifempty
        maxage 31
        missingok
        rotate 7
        copytruncate
}