[Freeipa-users] Do you use logrotate?
Rob Crittenden
rcritten at redhat.com
Tue Sep 11 14:41:22 UTC 2012
Dmitri Pal wrote:
> On 09/11/2012 08:18 AM, Christian Horn wrote:
>> Hi,
>>
>> On Mon, Sep 10, 2012 at 06:07:57PM -0400, Dmitri Pal wrote:
>>> Does anyone use logrotate?
>> Not yet, indeed good idea.
>>
>>
>>> Have you seen something else that would be valuable for others to
>>> consider when configuring logrotate with IPA?
>> IPA has many services writing to independent files. Having these
>> logs collected in a central place seems to be a common desire.
>> For DNS syslog is used and can directly log to a remote location.
>>
>> For the other services the best idea so far seems to be to have
>> a cronjob which uses rsync/ssh to centrally store the logs.
>>
>> This can be implemented without much further thought.
>> If logrotate is used on the IPA servers, but also longer logs
>> should be kept on the central server, further thoughts would
>> be needed here..
>>
>>
>> Thats the only relevant thing coming to mind for the topic.
>> Christian
>>
>
> Collecting log centrally is a separate topic.
> I want to focus on the logrotate configuration and potential issues
> people might have or have had in the past related to logrotate causing
> IPA to fail.
logrotate is being used by every IPA user today unless they have
configured it to NOT be used. There are default logrotate rules for
named, httpd, tomcat6, sssd and krb5kdc. 389-ds-base does its own log
rotation AFAIU.
rob
More information about the Freeipa-users
mailing list