[kwlug-disc] Tightening up SSH
Chris Irwin
chris at chrisirwin.ca
Tue Jul 20 21:14:14 EDT 2010
On Tue, 2010-07-20 at 20:57 -0400, Johnny Ferguson wrote:
> I must concur:
>
> logwatch --service sshd
>
> is gorgeous. Anyone know how I can get my system to store backups of
> logs? My var partition is quite large, and I wouldn't mind hanging on to
> them. I'm not sure if they're designed to do this automatically, or if I
> have to implement it myself.
logrotate handles rotating them. It also gzips them if they are not
current or immediately previous. By default, it keeps only four weeks
worth of logs, but that can be configured via /etc/logrotate.conf
An example of my messages log, using the default four-week retention:
$ ls -l /var/log/messages*
-rw-r----- 1 syslog adm 1297005 2010-07-20 20:48 /var/log/messages
-rw-r----- 1 syslog adm 239790 2010-07-11 07:36 /var/log/messages.1
-rw-r----- 1 syslog adm 40467 2010-07-04 13:42 /var/log/messages.2.gz
-rw-r----- 1 syslog adm 67406 2010-06-27 00:47 /var/log/messages.3.gz
-rw-r----- 1 syslog adm 48684 2010-06-20 00:26 /var/log/messages.4.gz
Another option would be to run a weekly cron-job to take (e.g.)
messages.1, and rename copy it with a datestamp.
mv /var/log/messages.1 /var/mybackuplogs/messages-ending-`date +%Y%m%d`
--
Chris Irwin <chris at chrisirwin.ca>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20100720/9e5bab00/attachment.sig>
More information about the kwlug-disc
mailing list