In many guides on this website, we talked about log rotation. Logrotate is Linux utility for automatic rotation, compression, mailing log files etc jobs. Here is how to manage logfiles with logrotate. Many common programs automatically setup Logrotate. Like when we install Apache2, that adds a configuration file used by Logrotate to rotate all apache access and error logs
/etc/logrotate.d/apache2. In our other guides, we only mentioned about logrotate script when we built the software from source and/or was sure that the configuration file is not supplied. Logrotate is available on all Linux distributions but default configuration may vary. We are talking in context of Ubuntu 16.04 server. For the others, readers may need checking manual for minimal need of changes. First, we need to check whether logrotate is installed by running :
If not installed, then we can run the below command(s) to install :
sudo apt update
sudo apt install logrotate
sudo yum update
sudo yum install logrotate
Of course, there is manual of logrorate :
How to Manage Logfiles with Logrotate
/etc/logrotate.conf file contains default settings and includes statement to pull in configuration files from
/etc/logrotate.d/ directory contains the configuration files saved by various applications and utilities. Nothing existing files inside
/etc/logrotate.d/ should be altered without knowing about that particular software.
For the most daemon processes, logs would be rotated by the
root user. logrotate usually invoked from a script in the
We can run logrotate as a cronjob to ensure that logs will be rotated as configured. If we configure logrotate to rotate logs every day, but logrotate actually runs every week, the logs will only be rotated every week.
If nothing exist inside
/etc/cron.daily/ directory, we need to create a script named
/etc/cron.daily/logrotate to do the job :
If I run
cat on a server where Apache2 installed :
I will get :
create 640 root adm
if invoke-rc.d apache2 status > /dev/null 2>&1; then
invoke-rc.d apache2 reload > /dev/null 2>&1;
if [ -d /etc/logrotate.d/httpd-prerotate ]; then
You need demystification of those phrases.
- weekly: Rotate logs once per week
- monthly: Rotate once a month
- daily: Rotate once a day
- missingok: Missing OK. If no log files are found, don’t debug or print error.
- rotate 14: Keep 14 files before deleting old log files
- compress: Compress (gzip) log files
- delaycompress: Delays compression until 2nd time rotating.
- compresscmd: Set which command to used to compress. Defaults to gzip.
- uncompresscmd: Set the command to use to uncompress. Defaults to gunzip.
- notifempty: Don’t rotate empty files
- create 640 root adm: Create new log files with set permissions/owner/group, here user is root and group is adm, permission is 640
- sharedscripts: Run postrotate script after all logs are rotated
- postrotate: Scripts to run after rotating is done.
- size=10M : command sets the minimum size for the rotation to take place to 10M.
- dateext: This option appends a date instead (logs by default get a number appended to their filename)
- dateformat: The format of the date appended to the log filename you want.
- prerotate: Run before log rotating begins
You can run this to test :
# dry run
logrotate -d /etc/logrotate.d/apache2
# sudo logrotate /etc/logrotate.d/apache2 --debug
Check what ran by running :
I got a big list like this :
logrotate state -- version 2