Newsyslog Apache

Anyone knows how to have Newsyslog rotate Apache logs at a fixed hour, but for say 10 entries (think individual vhost log files ) but only send one SIGUSR signal to Apache ?

From the manpage it seems there's no precise minute/second that can be set and it just happens 'within the hour' , so I'm not sure how my goal can be achieved
 
Code:
root@mail:/usr/local/etc/newsyslog.conf.d # cat apache.conf
# Apache
/var/log/httpd-access.log               644  14     *    @T00  B     /var/run/httpd.pid 30
/var/log/httpd-error.log                644  14     *    @T00  B     /var/run/httpd.pid 30
Daily rotation. But it'll send SIGUSR twice, once for the access log and once for the error log.

It's pretty much on the mark though:
Code:
# ll /var/log/httpd-access.log*
-rw-r--r--  1 root  wheel  15648 Jan 24 16:50 /var/log/httpd-access.log
-rw-r--r--  1 root  wheel  23468 Jan 24 00:00 /var/log/httpd-access.log.0
-rw-r--r--  1 root  wheel  30899 Jan 23 00:00 /var/log/httpd-access.log.1
-rw-r--r--  1 root  wheel  29790 Jan 14 00:00 /var/log/httpd-access.log.10
-rw-r--r--  1 root  wheel  22538 Jan 13 00:00 /var/log/httpd-access.log.11
-rw-r--r--  1 root  wheel  22411 Jan 12 00:00 /var/log/httpd-access.log.12
-rw-r--r--  1 root  wheel  21596 Jan 11 00:00 /var/log/httpd-access.log.13
-rw-r--r--  1 root  wheel  23785 Jan 22 00:00 /var/log/httpd-access.log.2
-rw-r--r--  1 root  wheel  22815 Jan 21 00:00 /var/log/httpd-access.log.3
-rw-r--r--  1 root  wheel  21589 Jan 20 00:00 /var/log/httpd-access.log.4
-rw-r--r--  1 root  wheel  21576 Jan 19 00:00 /var/log/httpd-access.log.5
-rw-r--r--  1 root  wheel  22132 Jan 18 00:00 /var/log/httpd-access.log.6
-rw-r--r--  1 root  wheel  21901 Jan 17 00:00 /var/log/httpd-access.log.7
-rw-r--r--  1 root  wheel  22302 Jan 16 00:00 /var/log/httpd-access.log.8
-rw-r--r--  1 root  wheel  22088 Jan 15 00:00 /var/log/httpd-access.log.9
 
Code:
root@mail:/usr/local/etc/newsyslog.conf.d # cat apache.conf
# Apache
/var/log/httpd-access.log               644  14     *    @T00  B     /var/run/httpd.pid 30
/var/log/httpd-error.log                644  14     *    @T00  B     /var/run/httpd.pid 30
Daily rotation. But it'll send SIGUSR twice, once for the access log and once for the error log.

It's pretty much on the mark though:
Code:
# ll /var/log/httpd-access.log*
-rw-r--r--  1 root  wheel  15648 Jan 24 16:50 /var/log/httpd-access.log
-rw-r--r--  1 root  wheel  23468 Jan 24 00:00 /var/log/httpd-access.log.0
-rw-r--r--  1 root  wheel  30899 Jan 23 00:00 /var/log/httpd-access.log.1
-rw-r--r--  1 root  wheel  29790 Jan 14 00:00 /var/log/httpd-access.log.10
-rw-r--r--  1 root  wheel  22538 Jan 13 00:00 /var/log/httpd-access.log.11
-rw-r--r--  1 root  wheel  22411 Jan 12 00:00 /var/log/httpd-access.log.12
-rw-r--r--  1 root  wheel  21596 Jan 11 00:00 /var/log/httpd-access.log.13
-rw-r--r--  1 root  wheel  23785 Jan 22 00:00 /var/log/httpd-access.log.2
-rw-r--r--  1 root  wheel  22815 Jan 21 00:00 /var/log/httpd-access.log.3
-rw-r--r--  1 root  wheel  21589 Jan 20 00:00 /var/log/httpd-access.log.4
-rw-r--r--  1 root  wheel  21576 Jan 19 00:00 /var/log/httpd-access.log.5
-rw-r--r--  1 root  wheel  22132 Jan 18 00:00 /var/log/httpd-access.log.6
-rw-r--r--  1 root  wheel  21901 Jan 17 00:00 /var/log/httpd-access.log.7
-rw-r--r--  1 root  wheel  22302 Jan 16 00:00 /var/log/httpd-access.log.8
-rw-r--r--  1 root  wheel  22088 Jan 15 00:00 /var/log/httpd-access.log.9

That's what I want to avoid, the multiple signals. Any way ?
 
Code:
root@mail:/usr/local/etc/newsyslog.conf.d # cat apache.conf
# Apache
/var/log/httpd-access.log               644  14     *    @T00  B     /var/run/httpd.pid 30
/var/log/httpd-error.log                644  14     *    @T00  B     /var/run/httpd.pid 30
Daily rotation. But it'll send SIGUSR twice, once for the access log and once for the error log.

It's pretty much on the mark though:
Code:
# ll /var/log/httpd-access.log*
-rw-r--r--  1 root  wheel  15648 Jan 24 16:50 /var/log/httpd-access.log
-rw-r--r--  1 root  wheel  23468 Jan 24 00:00 /var/log/httpd-access.log.0
-rw-r--r--  1 root  wheel  30899 Jan 23 00:00 /var/log/httpd-access.log.1
-rw-r--r--  1 root  wheel  29790 Jan 14 00:00 /var/log/httpd-access.log.10
-rw-r--r--  1 root  wheel  22538 Jan 13 00:00 /var/log/httpd-access.log.11
-rw-r--r--  1 root  wheel  22411 Jan 12 00:00 /var/log/httpd-access.log.12
-rw-r--r--  1 root  wheel  21596 Jan 11 00:00 /var/log/httpd-access.log.13
-rw-r--r--  1 root  wheel  23785 Jan 22 00:00 /var/log/httpd-access.log.2
-rw-r--r--  1 root  wheel  22815 Jan 21 00:00 /var/log/httpd-access.log.3
-rw-r--r--  1 root  wheel  21589 Jan 20 00:00 /var/log/httpd-access.log.4
-rw-r--r--  1 root  wheel  21576 Jan 19 00:00 /var/log/httpd-access.log.5
-rw-r--r--  1 root  wheel  22132 Jan 18 00:00 /var/log/httpd-access.log.6
-rw-r--r--  1 root  wheel  21901 Jan 17 00:00 /var/log/httpd-access.log.7
-rw-r--r--  1 root  wheel  22302 Jan 16 00:00 /var/log/httpd-access.log.8
-rw-r--r--  1 root  wheel  22088 Jan 15 00:00 /var/log/httpd-access.log.9

I mean, I can put an entry with the mention not to send a signal, and the second one to send, but how can I know the order in which they execute ?

Is it sequential or in parallel ?
 
I use crontab and a separate directory /var/log/www for vhost's logs.
So I just rename that directory with moving into www.old, create new directory, and run "apachectl graceful"

# crontab -l -u root
Code:
#minute hour    mday    month   wday     command
0       0       *       *       0        /root/bin/httpd_logrotate.sh

/root/bin/httpd_logrotate.sh
Code:
#!/bin/sh

cd /var/log && mv www www.old/www-`date "+%Y%m%d"` && mkdir www && /usr/local/sbin/apachectl graceful

ls -ld www.old/www*

Old logs will be removed automaticaly using periodic.

/etc/periodic.conf
Code:
daily_clean_tmps_enable="YES"
daily_clean_tmps_dirs="/var/log/www.old"
daily_clean_tmps_days="30"
daily_clean_tmps_verbose="YES"
 
I use crontab and a separate directory /var/log/www for vhost's logs.
So I just rename that directory with moving into www.old, create new directory, and run "apachectl graceful"

# crontab -l -u root
Code:
#minute hour    mday    month   wday     command
0       0       *       *       0        /root/bin/httpd_logrotate.sh

/root/bin/httpd_logrotate.sh
Code:
#!/bin/sh

cd /var/log && mv www www.old/www-`date "+%Y%m%d"` && mkdir www && /usr/local/sbin/apachectl graceful

ls -ld www.old/www*

Old logs will be removed automaticaly using periodic.

/etc/periodic.conf
Code:
daily_clean_tmps_enable="YES"
daily_clean_tmps_dirs="/var/log/www.old"
daily_clean_tmps_days="30"
daily_clean_tmps_verbose="YES"

Not a bad solution, do you know if it works for php-fpm too ?
Sending SIGUSR on a busy php-fpm instance causes all kinds of issues too.

I'm starting to think that the only real solution for busy Apache/PHP servers, especially part of a farm, is to use remote network logging
 
Code:
root@mail:/usr/local/etc/newsyslog.conf.d # cat apache.conf
# Apache
/var/log/httpd-access.log               644  14     *    @T00  B     /var/run/httpd.pid 30
/var/log/httpd-error.log                644  14     *    @T00  B     /var/run/httpd.pid 30
Daily rotation. But it'll send SIGUSR twice, once for the access log and once for the error log.
Sorry for updating a necropost, but I think newsyslog will only send the SIGUSR1 signal once in this situation. To test: Create two temporarily log files that are HUGE, then run newsyslog by hand with the -n switch, and look at the log file. It first creates all the new log files, then signals the process ONCE, and then compresses the old log files.
 
Sorry for updating a necropost, but I think newsyslog will only send the SIGUSR1 signal once in this situation. To test: Create two temporarily log files that are HUGE, then run newsyslog by hand with the -n switch, and look at the log file. It first creates all the new log files, then signals the process ONCE, and then compresses the old log files.

Another hint would be to use the G flag on /usr/local/etc/newsyslog.d/*.conf:
Code:
  1 #logfilename            [owner:group]   mode    count   size    when    flags   [/path_to_pid_cmd_file] [sig_num]
  2 /var/log/httpd*.log     root:wheel      644     3       *       $W1D0   GBJC    /var/run/httpd.pid      30

The above flag allows shell pattern on logfile's name.

From newsyslog.conf(5):
Code:
 G       indicates that the specified logfile_name is a shell
         pattern, and that newsyslog(8) should archive all
         filenames matching that pattern using the other options
         on this line.  See glob(3) for details on syntax and
         matching rules.
 
Another hint would be to use the G flag on /usr/local/etc/newsyslog.d/*.conf:
Code:
  1 #logfilename            [owner:group]   mode    count   size    when    flags   [/path_to_pid_cmd_file] [sig_num]
  2 /var/log/httpd*.log     root:wheel      644     3       *       $W1D0   GBJC    /var/run/httpd.pid      30

The above flag allows shell pattern on logfile's name.

From newsyslog.conf(5):
Code:
 G       indicates that the specified logfile_name is a shell
         pattern, and that newsyslog(8) should archive all
         filenames matching that pattern using the other options
         on this line.  See glob(3) for details on syntax and
         matching rules.
Contributing to the necropost 😂, the glob pattern is indeed the way to go. newsyslog first performs the configured rotation of all matched log files, and then sends the configured signal to the configured process just once.

And if any other type of sophisticated control on the sending of the signal is required, you can always forgo the signal in newsyslog's configuration and simply branch out to a hand-crafted script that newsyslog can execute for you, per the newsyslog.conf(5) man page.
 
Back
Top