Dmitri Pal wrote:
On 09/11/2012 08:18 AM, Christian Horn wrote:

On Mon, Sep 10, 2012 at 06:07:57PM -0400, Dmitri Pal wrote:
Does anyone use logrotate?
Not yet, indeed good idea.

Have you seen something else that would be valuable for others to
consider when configuring logrotate with IPA?
IPA has many services writing to independent files.  Having these
logs collected in a central place seems to be a common desire.
For DNS syslog is used and can directly log to a remote location.

For the other services the best idea so far seems to be to have
a cronjob which uses rsync/ssh to centrally store the logs.

This can be implemented without much further thought.
If logrotate is used on the IPA servers, but also longer logs
should be kept on the central server, further thoughts would
be needed here..

Thats the only relevant thing coming to mind for the topic.

Collecting log centrally is a separate topic.
I want to focus on the logrotate configuration and potential issues
people might have or have had in the past related to logrotate causing
IPA to fail.

logrotate is being used by every IPA user today unless they have configured it to NOT be used. There are default logrotate rules for named, httpd, tomcat6, sssd and krb5kdc. 389-ds-base does its own log rotation AFAIU.


Freeipa-users mailing list

Reply via email to