How to rotate apache logs in Linux
Here’s a little shell hack we did with synack last week. Basically instead of logrotate for apache we wrote this shell script which gives us more control over the logs. If you look into the codes you will see that it grabs all the apache log files, zips them, clear the logs, move the zipped file into different directory and if needed ftp/ssh file into different server. At the end, it restarts apache to enable new logs.
So enjoy!
[php]
#!/bin/sh
# log-apache.sh
#
# Copyright 2007 Arstan Jusupov
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# Exporting paths
PATH=$PATH:/usr/local/sbin:/sbin:/usr/sbin
# Assign variables
LOGS_FILE_ZIP=`date +%Y%m%d`_logs.zip
LOGS_DIR=/var/log/httpd
LOGS_BACKUPS_DIR=/var/logs_backups
FTP_BACKUPS_DIR=/path/to/backup/`date +%Y%m`
APACHECTL=`which apachectl` # or hard-code full path
FTP_USER=”backup”
FTP_PASSWD=”backup”
FTP_SERVER=”192.168.x.x”
# Check if we can access $LOGS_DIR
if [ ! -d $LOGS_DIR ]; then
echo $LOGS_DIR does not exists or cannot be accessed.
break
fi
# Check if $LOGS_BACKUPS_DIR exists, if not create.
if [ ! -d $LOGS_BACKUPS_DIR ]; then
mkdir -p $LOGS_BACKUPS_DIR
fi
# Rotate the log files
for X in `ls $LOGS_DIR | grep log`; do
mv $LOGS_DIR/$X $LOGS_DIR/$(date +%Y%m%d)_$X
done
# Archive log files
zip $LOGS_BACKUPS_DIR/$LOGS_FILE_ZIP $LOGS_DIR/$(date +%Y%m%d)*
# Verification for successful zipping and removal of old log files.
if [ $? = 0 ]; then
rm $LOGS_DIR/$(date +%Y%m%d)*
fi
# Re-create the log files
for X in access_log error_log ssl_error_log ssl_request_log modsec_audit_log modsec_debug_log; do
touch $LOGS_DIR/$X
done
# Finally, restarting apache or if you want $APACHECTL graceful
$APACHECTL restart
# Off-system transfer of the log files
# Change local dir
cd $LOGS_BACKUPS_DIR
ftp -n $FTP_SERVER <
user $FTP_USER $FTP_PASSWD
binary
# create the remote backup dir in %Y%m format, if exists wont hurt
# I dont know how to do: if [ -d $DIR ]; then
mkdir $FTP_BACKUPS_DIR
cd $FTP_BACKUPS_DIR
put $LOGS_FILE_ZIP
bye
End-Of-Session
echo Done
exit 0
[/php]
Comments
Leave a Reply
You must be logged in to post a comment.
About
Welcome to Arstan's personal blog. This blog includes tips on Linux, Apache, MySQL, Shell Scripts. Hardware/software and internet technologies reviews and updates.
