logadm is a handy Solaris utility that can be used to rotate the log files. It is executed by cron and runs off the configuration file, /etc/logadm.conf. It's contains a list of log files managed by logadm and the corresponding criteria – size, age, count – and action – copy, truncate, compress – by which the logs are managed. With logadm used to rotate log files, system admins are not required to write complicated scripts to restart applications when there is a need to rotate their log files. logadm available with Solaris since the release of Solaris 9. After reading this blog you will get more understanding of logadm.
SYNOPSIS : logadm [-options] logname...
Advantages of logadm
For all the usual task surrounding logfile handling you could use the command logadm . It's a really capable tool:
- Rotating logs (by copying/truncating or moving )
- Configuring rules, when a log rotation should take place. This rules can be based on ...
- The size of the log file
- The time since last log rotation
- Executing command before and after a logfile rotation
- Compressing rotated log files based on rules
- Specifying your own commands to copy/move the files
- Specifying commands that should be used instead of a simple deletion for expiration of files
bash# crontab -l #ident "@(#)root 1.21 04/03/23 SMI" # # The root crontab should be used to perform accounting data collection. # # 10 3 * * * /usr/sbin/logadm 15 3 * * 0 /usr/lib/fs/nfs/nfsfind 30 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/gsscred_clean 0 2 * * 4 /usr/lib/acct/dodisk 0 5 * * 1 /opt/SUNWexplo/bin/explorer -q # SUNWexplo bash#Let's look into the logadm.conf for better understanding.
bash# cat /etc/logadm.conf /var/log/syslog -C 8 -P 'Wed Jan 13 08:10:00 2010' -a 'kill -HUP `cat /var/run/syslog.pid`' /var/adm/messages -C 4 -P 'Fri May 24 07:10:00 2013' -a 'kill -HUP `cat /var/run/syslog.pid`' /var/cron/log -c -s 10240k -t /var/cron/olog /var/lp/logs/lpsched -C 2 -N -t '$file.$N' /var/adm/pacct -C 0 -N -P 'Mon Feb 18 03:19:18 2013' -a '/usr/lib/acct/accton pacct' -g adm -m 664 -o adm -p never /var/log/pool/poold -N -P 'Tue May 28 07:10:00 2013' -a 'pkill -HUP poold; true' -s 512k authlog -C 13 -a 'pkill -HUP syslogd' /var/log/authlog /var/log/authlog -P 'Fri May 24 07:10:00 2013' bash#OPTIONS and DEFINITION
-a post_command
Execute the post_command after renaming the log file. post_command is passed to sh -c.Specify post_command as a valid shell command. Use quotes to protect spaces or shell meta characters in post_command. This option can be used to restart a daemon that is writing to the file. When rotating multiple logs with one logadm command, post_command is executed only once after all the logs are rotated, not once per rotated log.
Delete any versions that have not been modified for the amount of time specified by age. Specify age as a number followed by an h (hours), d (days), w(weeks), m (months), or y (years).
-b pre_command
Execute pre_command before renaming the log file. pre_command is passed to sh -c.Specify pre_command as a valid shell command. Use quotes to protect spaces or shell metacharacters in the pre_command. This option can be used to stop a daemon that is writing to the file. When rotating multiple logs with one logadm command, pre_command is executed only once before all the logs are rotated, not once per rotated log.
-c copy
Rotate the log file by copying it and truncating the original logfile to zero length, rather than renaming the file.
-C count
Delete the oldest versions until there are not more than count files left.If no expire options (-A, -C, or -S) are specified, -C 10 is the default. To prevent the default expire rule from being added automatically, specify -C 0.
-e mail_addr
-E cmd
-f conf_file
Use conf_file instead of /etc/logadm.conf. This option allows non-root users to keep their own logadm configuration files.
-g group
Create a new empty file with the ID specified by group, instead of preserving the group ID of the log file.Specify group by name or by numeric group ID, as accepted by chgrp(1). This option requires the ability to change file group ownership using the chgrp(1) command.
-h
Print a help message that describes logadm's options.
-l
Use local time rather than the Coordinated Universal Time (UTC) when naming rotated log files (see the discussion of percent sequences in the templates supplied with the -t option).
-m mode
Create a new empty file with the mode specified by mode, instead of preserving the mode of the log file. Specify mode in any form that is accepted by the chmod(1) command.
-M cmd
-n
-N
Prevent an error message if the specified logfile does not exist. Normally, logadm produces an error message if the log file is not found. With -N, if the log file doesn't exist logadm moves on to the expire rules (if any) and then to the next log file (if any), without creating the empty replacement log file.
-o owner
Create the new empty file with owner, instead of preserving the owner of the log file.Specify owner in any form that is accepted by the chown(1) command.
-p period
Rotate a log file after the specified time period (period) . Specify period as a number followed by d for days, h for hours, w for weeks, m for months (really 30 days) or y for years. There are also two special values for period: now and never. -p now forces log rotation. -p never forces no log rotation.
-P timestamp
Used by logadm to record the last time the log was rotated in /etc/logadm.conf. This option uses timestamp to determine if the log rotation period has passed. The format of timestamp matches the format generated by ctime(3C), with quotes around it to protect embedded spaces. timestamp is always recorded in the Coordinated Universal Time (UTC) timezone.
-rRemove any entries corresponding to the specified logname from the /etc/logadm.conf.
-R cmd
-s size
Rotate the log file only if its size is greater than or equal to size. Specify size as a number followed by the letter b for bytes, k for kilobytes, m for megabytes, or g for giga bytes.
-S size
Delete the oldest versions until the total disk space used by the old log files is less than the specified size. Specify size as a number followed by the letter b for bytes, k for kilobytes, m for megabytes, or g for gigabytes.
-t template
-T pattern
-v verbose mode
Print information about the actions being executed in verbose mode.
-V Validate the configuration file.
This option validates that an entry for the specified logname exists in the /etc/logadm.conf file and is syn
tactically correct. If logname is not specified, all entries in the configuration file are validated. If a logname argument is specified, the command validates the syntax of that entry. If the entry is found, it is printed and the exit value of the command is true. Otherwise the exit value is false.
-w entry name
Write an entry into the config file (that is, /etc/logadm.conf) that corresponds to the current command line arguments. If an entry already existed for the specified entry name, it is removed first. This is the preferred method for updating /etc/logadm.conf, because it prevents syntax errors in that file. The entry name is an argument to an invocation of logadm. The entry name might be chosen as something easy to remember or it can be the path name of the log file. If no log file name is provided on a logadm command line, the entry name is assumed to be the same as the log file name. For example, the following two lines achieve the same result, keeping two copies of rotated log files:
% logadm -C2 -w mylog /my/really/long/log/file/name
% logadm -C2 -w /my/really/long/log/file/name
-z count
-C count
Delete the oldest versions until there are not more than count files left.If no expire options (-A, -C, or -S) are specified, -C 10 is the default. To prevent the default expire rule from being added automatically, specify -C 0.
-e mail_addr
Send error messages by email to mail_addr. As logadm is typically run from cron(1M), error messages are captured by cron and mailed to the owner of the crontab. This option is useful if you want the mail regarding error messages to go to another address instead. If no errors are encountered,no mail message is generated.
-E cmd
Execute cmd to expire the file, rather than deleting the old log file to expire it. cmd is passed it to sh -c. The file is considered expired after cmd completes. If the old log file is not removed or renamed by the cmd, logadm considers it for expiration the next time that it runs on the specified log file. If present, the keyword $file is expanded in the specified cmdto the name of the file being expired. This option is useful for tasks such as mailing old log files to administrators, or copying old log files to long term storage.
-f conf_file
Use conf_file instead of /etc/logadm.conf. This option allows non-root users to keep their own logadm configuration files.
-g group
Create a new empty file with the ID specified by group, instead of preserving the group ID of the log file.Specify group by name or by numeric group ID, as accepted by chgrp(1). This option requires the ability to change file group ownership using the chgrp(1) command.
-h
Print a help message that describes logadm's options.
-l
Use local time rather than the Coordinated Universal Time (UTC) when naming rotated log files (see the discussion of percent sequences in the templates supplied with the -t option).
Create a new empty file with the mode specified by mode, instead of preserving the mode of the log file. Specify mode in any form that is accepted by the chmod(1) command.
-M cmd
Use cmd to rename the log file. If the keyword $file is specified, it is expanded to the name of the log file. Similarly, the keyword $nfile is expanded to the new name of the log file. The $nfile keyword is only available with commands provided with the -M option. After the command completes, the log file is replaced by the rotate file. The default cmd is "/bin/mv $file $nfile".
Print the actions that the logadm command will perform without actually performing them. This option is useful for checking arguments before making any changes to the system. It is important to remember, however, that since log rotating actions are only printed with this option, logadm might not find files that need expiring, but if run without the -n logadm might create a file that needs expiring by performing the log rotating actions. Therefore, if you see no files being expired with the -n option, files still might be expired without it.
-N
Prevent an error message if the specified logfile does not exist. Normally, logadm produces an error message if the log file is not found. With -N, if the log file doesn't exist logadm moves on to the expire rules (if any) and then to the next log file (if any), without creating the empty replacement log file.
-o owner
Create the new empty file with owner, instead of preserving the owner of the log file.Specify owner in any form that is accepted by the chown(1) command.
-p period
Rotate a log file after the specified time period (period) . Specify period as a number followed by d for days, h for hours, w for weeks, m for months (really 30 days) or y for years. There are also two special values for period: now and never. -p now forces log rotation. -p never forces no log rotation.
-P timestamp
Used by logadm to record the last time the log was rotated in /etc/logadm.conf. This option uses timestamp to determine if the log rotation period has passed. The format of timestamp matches the format generated by ctime(3C), with quotes around it to protect embedded spaces. timestamp is always recorded in the Coordinated Universal Time (UTC) timezone.
-rRemove any entries corresponding to the specified logname from the /etc/logadm.conf.
-R cmd
Run the cmd when an old log file is created by a log rotation. If the keyword $file is embedded in the specified command, it is expanded to the name of the old log file just created by log rotation.This option is useful for processing log file contents after rotating the log. cmd is executed by passing it to sh -c. When rotating multiple logs with one logadm command, the command supplied with -R is executed once every time a log is rotated. This is useful for post processing a log file (that is, sorting it, removing uninteresting lines, etc.). The -a option is a better choice for restarting daemons after log rotation.
-s size
Rotate the log file only if its size is greater than or equal to size. Specify size as a number followed by the letter b for bytes, k for kilobytes, m for megabytes, or g for giga bytes.
-S size
Delete the oldest versions until the total disk space used by the old log files is less than the specified size. Specify size as a number followed by the letter b for bytes, k for kilobytes, m for megabytes, or g for gigabytes.
Specify the template to use when renaming log files. template can be a simple name, such as /var/adm/oldfile,
or it can contain special keywords which are expanded by logadm and are in the form $word. Allowed sequences are:
Normally logadm looks for a list of old log files by turning the template (specified with the -t option) into
a pattern and finding existing files whose names match that pattern. The -T option causes the given pattern to
be used instead. This option is useful if another program fiddles with the old log file names, like a cron job to compress them over time. The pattern is in the form of a pathname with special characters such as * and ? as supported by csh(1) filename substitution.
-v verbose mode
Print information about the actions being executed in verbose mode.
-V Validate the configuration file.
This option validates that an entry for the specified logname exists in the /etc/logadm.conf file and is syn
tactically correct. If logname is not specified, all entries in the configuration file are validated. If a logname argument is specified, the command validates the syntax of that entry. If the entry is found, it is printed and the exit value of the command is true. Otherwise the exit value is false.
-w entry name
Write an entry into the config file (that is, /etc/logadm.conf) that corresponds to the current command line arguments. If an entry already existed for the specified entry name, it is removed first. This is the preferred method for updating /etc/logadm.conf, because it prevents syntax errors in that file. The entry name is an argument to an invocation of logadm. The entry name might be chosen as something easy to remember or it can be the path name of the log file. If no log file name is provided on a logadm command line, the entry name is assumed to be the same as the log file name. For example, the following two lines achieve the same result, keeping two copies of rotated log files:
% logadm -C2 -w mylog /my/really/long/log/file/name
% logadm -C2 -w /my/really/long/log/file/name
-z count
Compress old log files as they are created. count of the most recent log files are left uncompressed, therefore
making the count most recent files easier to peruse. Use count of zero to compress all old logs.The compression is done with gzip(1) and the resulting log file has the suffix of .gz.
No comments:
Post a Comment