Bind log file rotation strategies?
Mark Andrews
Mark_Andrews at isc.org
Mon May 2 23:08:53 UTC 2005
> Hello.
>
> I have configured Bind 9 to log to a file. But I want to rotate AND
> COMPRESS (gzip) the rotated files, for lets say a cycle of 30 days. I am
> aware of the "versions" option, which does the rotation part, but how do
> you people go about compressing the already rotated files, in an easy
> *automated* way which plays nice with BIND log creation?
>
> I have resorted to a logrotate pre-script that does the preparation, but
> I guess better ideas may exist...
>
> This is my current configuration:
>
>
> ---------------------
> File /etc/bind/named.conf:
>
> logging {
> channel mi_fichero {
> file "/var/log/bind/bind.log" versions 1 size 10M;
> severity info;
> print-category yes;
> print-severity yes;
> print-time yes;
> };
> category client { mi_fichero; };
> category config { mi_fichero; };
> category database { mi_fichero; };
> category dnssec { mi_fichero; };
> category lame-servers { mi_fichero; };
> category network { mi_fichero; };
> category notify { mi_fichero; };
> category queries { mi_fichero; };
> category resolver { mi_fichero; };
> category security { mi_fichero; };
> category update { mi_fichero; };
> category xfer-in { mi_fichero; };
> category xfer-out { mi_fichero; };
> category general { mi_fichero; };
> };
>
>
> ---------------------
> File /etc/logrotate.d/bind:
>
> /var/log/bind/bind.log.rotado {
> daily
> missingok
> nocreate
> rotate 30
> compress
> notifempty
> sharedscripts
> prerotate
> /usr/local/sbin/bind9-pre-rotate.sh
> endscript
> }
>
>
> ---------------------
> File /usr/local/sbin/bind9-pre-rotate.sh:
>
> #!/bin/bash
> [ -f /var/log/bind/bind.log.0 ] \
> && mv /var/log/bind/bind.log.0 /var/log/bind/bind.log.rotado
>
>
> It works, provided the daily BIND log does not grow bigger than 10 MB
> (If that happens, I guess I would loose the log because of "versions 1".
> However configuring "versions" higher that 1 would mean the script
> "bind9-pre-rotate.sh" would have to account also for an additional
> "/var/log/bind/bind.log.1" BIND log file... and probably configure
> another logrotate.d entry for it...)
>
> So I am not really happy and would like to hear any suggestion or
> improvement.
>
> Thank you very much.
>
> Regards,
>
> Pepe.
>
>
Well I would be telling named to create more than one version.
I would have the script look for all the versions created by
named oldest to newest. The script would rotate out the old
compressed files and compress the oldest of named's file into
the 0.gz position until all the of them has been processed.
The following is untested. It will keep 10 backup versions
compressed using gzip.
base=/var/log/bind/bind.log.
for log in 9 8 7 6 5 4 3 2 1 0
do
if [ -f $base.$log ]
then
for gz in 8 7 6 5 4 3 2 1 0
do
if [ -f $base.$gz.gz ]
then
new=`expr $gz + 1`
mv $base.$gz.gz $base.$new.gz
fi
done
gzip < $base.$log > $base.0.gz && rm $base.$log
fi
done
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list