How to manage log rotation in Linux
Log rotation is managed by logrotate, configured via /etc/logrotate.conf and files in /etc/logrotate.d/, using directives like daily, rotate, compress, and postrotate; test with logrotate -d, force with -f, and rely on cron for automated execution.
Log rotation is essential for maintaining system performance and ensuring log files don’t consume excessive disk space. In Linux, this is typically handled by the logrotate utility, which automates the process of archiving, compressing, and removing old log files.
Understanding logrotate Configuration
logrotate reads configuration files to determine how logs should be managed. The main configuration file is located at /etc/logrotate.conf, and additional rules can be placed in /etc/logrotate.d/ for specific applications like Apache, Nginx, or custom services.
A basic configuration looks like this:
/var/log/myapp/*.log { daily rotate 7 compress missingok notifempty create 644 user group }Key directives include:
- daily – Rotate logs every day (can also use weekly, monthly, or yearly)
- rotate 7 – Keep 7 rotated logs before deleting older ones
- compress – Compress old logs with gzip
- missingok – Don’t throw an error if the log file is missing
- notifempty – Skip rotation if the log file is empty
- create – Create a new log file after rotation with specified permissions, owner, and group
Testing and Forcing Rotation
Before applying changes, test your configuration to catch syntax errors:
logrotate -d /etc/logrotate.confThe -d flag runs logrotate in debug mode, showing what would happen without making actual changes.
To manually force a rotation for testing:
logrotate -f /etc/logrotate.d/myappThis forces rotation based on the specified config file, useful after making adjustments.
Handling Application Logs That Don’t Close Files
Some services need to be notified when logs are rotated so they can reopen the log file. Use the postrotate script block:
/var/log/nginx/*.log { daily rotate 10 compress postrotate systemctl reload nginx > /dev/null 2>&1 || true endscript }The postrotate section runs commands after rotation. Sending a reload signal tells the service to close and reopen log files.
Scheduling with Cron
logrotate is usually run automatically by cron. Most systems have a daily cron job at /etc/cron.daily/logrotate. Ensure execution permissions are set:
chmod x /etc/cron.daily/logrotateYou don’t usually need to configure this manually—it’s handled by the system package manager.
Basically, setting up logrotate involves writing clear rules, testing them, and relying on cron to handle regular execution. With proper configuration, it runs smoothly in the background.
The above is the detailed content of How to manage log rotation in Linux. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undresser.AI Undress
AI-powered app for creating realistic nude photos
ArtGPT
AI image generator for creative art from text prompts.
Stock Market GPT
AI powered investment research for smarter decisions
Hot Article
Popular tool
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
20516
7
13630
4
![How to install Redis cluster on Linux_Linux distributed cache deployment solution [Advanced]](https://img.php.cn/upload/article/202602/08/2026020819395340210.jpg)
How to install Redis cluster on Linux_Linux distributed cache deployment solution [Advanced]
Feb 08, 2026 pm 07:39 PM
The Redis6 cluster must be created with redis-cli--cluster. It requires a minimum of 3 masters and 3 slaves, a total of 6 nodes. The client port and the corresponding cluster bus port (10000) must be opened. Correct configuration but blocked ports is a common cause of failure.
How to import SQL files in mysql_mysql SQL file import method
Feb 09, 2026 pm 05:24 PM
The most common and reliable way to import SQL files into MySQL is the command line tool mysql, which supports cross-platform, high efficiency and stability, and is suitable for files of all sizes. It can also be executed in the client through the source command, or using graphical tools such as phpMyAdmin and MySQL Workbench.
![How to check system vulnerabilities in Linux_Linux installation and use of security scanning tools [Plan]](https://img.php.cn/upload/article/202602/08/2026020820223270626.jpg)
How to check system vulnerabilities in Linux_Linux installation and use of security scanning tools [Plan]
Feb 08, 2026 pm 08:22 PM
Linux systems need to use third-party tools for security scanning; lynis is suitable for lightweight local auditing, openvas must be deployed with Docker, nmap and nessus cannot be automatically connected, and the effectiveness of scanning depends on credentials, settings and feed updates.
![How to check the MAC address of the network card in Linux_Linux obtains the physical network card information [Notes]](https://img.php.cn/upload/article/202602/08/2026020820250847002.jpg)
How to check the MAC address of the network card in Linux_Linux obtains the physical network card information [Notes]
Feb 08, 2026 pm 08:25 PM
The most reliable way is to use the iplinkshow command, because it is compatible with old and new kernels, has clear output, and does not confuse virtual interfaces; the MAC address is located after the link/ether line and can be accurately extracted with grep.
How to diagnose mysql query performance bottleneck_mysql performance analysis method
Feb 08, 2026 am 09:45 AM
Slow query optimization requires four layers of troubleshooting: "Log → Execution Plan → System Indicators → Configure Hardware": first open slow_query_log to capture queries that exceed 1 second; then use EXPLAIN to analyze type, key, rows and Extra; then check sar, buffer pool hit rate, lock wait and number of connections; finally examine innodb_flush_method, redolog size, large field storage and network architecture.
![How to install the GCC compiler on Linux_Essential environment for Linux source code compilation [Tutorial]](https://img.php.cn/upload/article/202602/08/2026020820281635667.jpg)
How to install the GCC compiler on Linux_Essential environment for Linux source code compilation [Tutorial]
Feb 08, 2026 pm 08:28 PM
Using sudoaptinstallbuild-essential is the fastest under Ubuntu/Debian. It automatically installs gcc, g, make, libc6-dev, etc.; only installing gcc will report an error that stdio.h does not exist due to a missing header file.
![How to check the kernel version in Linux_Linux query system kernel uname command [Basic]](https://img.php.cn/upload/article/202602/08/2026020819483069387.jpg)
How to check the kernel version in Linux_Linux query system kernel uname command [Basic]
Feb 08, 2026 pm 07:48 PM
uname-r is the most accurate and quick way to obtain the current kernel version number. It only outputs the release field such as 6.1.0-22-amd64, without redundant information, which is convenient for script parsing; other commands such as uname-v, uname-a or /proc/version have their own uses but are not specifically used for version extraction.
Ultimate solution to ZAP installation failure: Why you must install JDK and not just JRE
Feb 08, 2026 am 11:15 AM
When ZAP (ZedAttackProxy) is installed, it prompts "Java 64-bit file not found." The root cause is not that Java is not installed, but that the JRE that only contains the running environment is mistakenly installed; ZAP actually relies on JDK11 (such as JDK21) because it requires the use of development components such as compilers and debugging tools.
