Thread: [mod-security-users] Rotating Concurrent Log Files
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
mod-security-users
|
From: Chuck N. <chu...@gm...> - 2020-10-05 13:36:19
|
Hello! I'm in the process of implementing modsecurity on my website and am wondering if there's a best practice in regards to rotating the concurrent logs. My current idea is to have a cron job that will run a script to gzip the daily directories and then use logrotate on them. If anyone has any other suggestions I would really appreciate it. Thanks in advance! Chuck |
|
From: Christian V. <cv...@it...> - 2020-10-05 14:22:31
|
Hi, using logrotate is the way to go. Cheers. > El 05-10-2020, a la(s) 10:39, Chuck Nemeth <chu...@gm...> escribió: > Hello! > > I'm in the process of implementing modsecurity on my website and am wondering if there's a best practice in regards to rotating the concurrent logs. > > My current idea is to have a cron job that will run a script to gzip the daily directories and then use logrotate on them. > > If anyone has any other suggestions I would really appreciate it. > > Thanks in advance! > > Chuck > > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
|
From: Chuck N. <chu...@gm...> - 2020-10-05 14:34:18
|
Thanks for the reply! From the information I've gathered while researching possible solutions logrotate does not operate on directories, it only works on files (but I haven't tested to verify). Since the directories are nested when using Concurrent logging, I wasn't sure if logrotate would be able to rotate the whole directory or if there was a recommended approach. I've read through the netnea tutorial and purchased the modsecurity handbook from feistyduck but didn't see any mention in either resource as to rotating the logs. On 10/5/20 9:48 AM, Christian Varas via mod-security-users wrote: > Hi, using logrotate is the way to go. > > Cheers. > >> El 05-10-2020, a la(s) 10:39, Chuck Nemeth <chu...@gm...> escribió: >> Hello! >> >> I'm in the process of implementing modsecurity on my website and am wondering if there's a best practice in regards to rotating the concurrent logs. >> >> My current idea is to have a cron job that will run a script to gzip the daily directories and then use logrotate on them. >> >> If anyone has any other suggestions I would really appreciate it. >> >> Thanks in advance! >> >> Chuck >> >> >> _______________________________________________ >> mod-security-users mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-users >> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >> http://www.modsecurity.org/projects/commercial/rules/ >> http://www.modsecurity.org/projects/commercial/support/ > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
|
From: homesh j. <ho...@gm...> - 2020-10-05 17:11:55
|
Hi, Since it is concurrent logs, new logs will go in a separate directory e.g 20201005. Post gzip of logs to a separate directory. You may delete the old directories completely. I run script everyday that keep last 2 days directories and remove older ones. Thanks, Homesh Thanks, Homesh On Mon 5 Oct, 2020, 7:10 PM Chuck Nemeth, <chu...@gm...> wrote: > Hello! > > I'm in the process of implementing modsecurity on my website and am > wondering if there's a best practice in regards to rotating the > concurrent logs. > > My current idea is to have a cron job that will run a script to gzip the > daily directories and then use logrotate on them. > > If anyone has any other suggestions I would really appreciate it. > > Thanks in advance! > > Chuck > > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > |
|
From: Robert P. <rpa...@fe...> - 2020-10-05 17:45:44
|
Hi Chuck, On Mon, Oct 5, 2020 at 7:34 AM Chuck Nemeth <chu...@gm...> wrote: > > logrotate does not operate on directories, it only works on files (but I > haven't tested to verify). Since the directories are nested when using > Concurrent logging, I wasn't sure if logrotate would be able to rotate > the whole directory or if there was a recommended approach > You can configure logrotate to use glob matching to match all files in a directory. See https://unix.stackexchange.com/a/83859 |
|
From: Chuck N. <chu...@gm...> - 2020-10-05 18:07:27
|
It's starting to make sense to me now that I've read the replies. I did see that you could use * in logrotate but wasn't sure what to do with the leftover directories. I can just have a cron job delete them like Homesh recommended. I originally had set up a cron job to gzip the entire day's directory and have logrotate operate on that every so often. Thanks for the help! Chuck On Mon, Oct 5, 2020 at 1:48 PM Robert Paprocki < rpa...@fe...> wrote: > Hi Chuck, > > On Mon, Oct 5, 2020 at 7:34 AM Chuck Nemeth <chu...@gm...> wrote: > >> >> logrotate does not operate on directories, it only works on files (but I >> haven't tested to verify). Since the directories are nested when using >> Concurrent logging, I wasn't sure if logrotate would be able to rotate >> the whole directory or if there was a recommended approach >> > > You can configure logrotate to use glob matching to match all files in a > directory. See https://unix.stackexchange.com/a/83859 > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > |
Thanks for helping keep SourceForge clean.
X