Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Questions about log rotation tools, and log rotation policies in pfSense

    Development
    1
    1
    737
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DarkSoul42
      last edited by

      I have been maintaining a few things on the mod_security+Apache package, given we have a use for it at work (namely the fine tuning for SSL cilent certificates upon reverse proxying).

      I noticed one huge problem however, it's that Apache logs will pile up and have to be erased on a regular basis, lest the whole thing gets brought down in a world of pain.
      I also set up a Redmine ticket for this specific issue :
      https://redmine.pfsense.org/issues/3485

      FreeBSD's default log rotation tools are not available, so even if I did use Apache's rotatelogs (which the current package does not, I will probably have to modify it to support it), I could only generate separate files and not erase the older ones.
      As it is, I am dealing with the issue by adding a cron job by hand to erase the log and restart Apache. I will eventually fix the init script myself, as it is really broken right now, and is actually making extremely poor use of the existing rc.d script provided by the vanilla package.

      I am therefore wondering :

      • how do other applications go about rotating their logs (for the ones who don't have the functionality built-in) ?
      • how does one make a package register a cron job in a clean, future-proof way?
      • pfSense default logs are stored in a static size file, that would be the best way to go about it, but is there a helper tool to create such files, and pipe input in them? (That way log definitions in Apache could be handled with "|/usr/sbin/whatever /var/log/httpd.log", thus fixing the problem for good)
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.