September 16, 2005

Solaris finally has industrial-strength logfile rotation

In all of my years using Solaris, I have always thought that their solution for rotating the core system log files was a joke. The "utility" (I use the term loosely) that Solaris used to ship with was called newsyslog. It was an incredibly simplistic shell script, and wasn't really re-usable, in terms of being able to rotate log files other than /var/adm/messages and /var/log/syslog.

For years, the Open Source UNIXes have included utilities for managing the system log files based upon a flexible configuration file. FreeBSD, for example, includes the newsyslog utility, which reads from newsyslog.conf, in order to decide which log files to rotate, and how they should be rotated. It's great, and I have thought for years that Solaris should have something like this too.

So, it was a pleasant surprise today that when I went to setup log rotation for Apache running on a Solaris 10 server at work, I found that Sun has finally beefed up this part of Solaris. Gone is the weak Solaris newsyslog, and in its place, we welcome logadm. It looks like this utility became available in Solaris 9, but it was news to me until today.

This logadm thing seems pretty nice -- it is super-flexible, in that it took care of all of the quirks around rotating Apache log files. One odd thing about logadm is that every time it runs, it re-writes the config file (/etc/logadm.conf for those of you keeping score at home) in place. For example, here are the two configuration lines that I wrote today:
# -C -> keep 5 old versions around
# -e -> e-mail errors to areitz@aops-eds.com
# -p -> rotate the file every day
# -z -> compress the .1 - .5 files using gzip. this means we don't need to
#       sleep before gzip.
# -a -> gracefully restart apache after rotation
/var/apache/logs/access_log -C 5 -P 'Fri Sep 16 00:24:48 2005' -a \
   '/usr/apache/bin/apachectl graceful' -e areitz@aops-eds.com -p 1d -z 1 \
   -R '/usr/local/bin/analog'
/var/apache/logs/error_log -C 5 -P 'Fri Sep 16 00:24:48 2005' -a \
   '/usr/apache/bin/apachectl graceful' -e areitz@aops-eds.com -p 1d -z 1 \
   -R '/usr/local/bin/analog'
The comments should explain some of the options. But the whole '-P' flag was added by logadm, after it ran. This flag tells logadm when it last successfully rotated the log file, so that it knows when it should rotate again. Kindof a nifty hack for performing that function, if you ask me.

-Andy. Posted by andyr at September 16, 2005 1:08 AM