document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-25 23:11:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #17849 from HankChow/master

Browse Source 
hankchow translated
This commit is contained in:
Xingyu.Wang 2020-03-24 10:31:11 +08:00 committed by GitHub
commit 7c75339a15
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 147 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

146
sources/tech/20200319 Manually rotating log files on Linux.md
View File

@ -1,146 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (HankChow)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Manually rotating log files on Linux)
[#]: via: (https://www.networkworld.com/article/3531969/manually-rotating-log-files-on-linux.html)
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
Manually rotating log files on Linux
======
[deovolenti][1] [(CC BY 2.0)][2]
Log rotation, a normal thing on Linux systems, keeps any particular log file from becoming too large, yet ensures that sufficient details on system activities are still available for proper system monitoring and troubleshooting.
The oldest in a group of log files is removed, remaining log files are bumped down a notch and a newer file takes its place as the current log file. This process is conveniently automated and the details can be adjusted as needed.
[[Get regularly scheduled insights by signing up for Network World newsletters.]][3]
Manual rotation of log files is possible through the use of the **logrotate** command. This post provides details on how to manually rotate log files and what to expect.
The examples described in this post work on Ubuntu and related Linux systems. Other systems might use different log file and configuration file names, but the process itself should be very similar.
### Why rotate a log file
Under normal circumstances, there is no need to manually rotate log files. Your Linux system should already be set up to rotate some logs daily (or less often) and others depending on their size. If you need to rotate a log file to free up space or separate a current log from ongoing activity, it's fairly easy to do but will depend on your file-rotation specifications.
### A little background
A number of log files are set up for rotation as soon as a Linux system is installed. In addition, certain applications add their own log files and rotation specs when they are installed on the system. The configuration files for log-file rotations can be found in the **/etc/logrotate.d** directory. Details on how this process works are available on an [earlier post][4].
In the log-rotation process, the current log generally acquires a name like log.1, the old log.1 becomes log.2 and so on while the oldest of the log files, say log.7, is removed from the system. Of course, the names and number of versions retained depend on the logs being rotated and the rotation specifications for those files in the **/etc/logrotate.d** directory. For some log files, only a few "generations" are retained while, for others, you might see seven or even more.
[][5]
After the usual log file rotation, your **syslog** files might look like the following. (NOTE: The "was syslog" comments at the end of lines were added to illustrate how the rotation process affected the files.)
```
$ ls -l /var/log/syslog*
-rw-r----- 1 syslog adm 128674 Mar 10 08:00 /var/log/syslog <== new
-rw-r----- 1 syslog adm 2405968 Mar 9 16:09 /var/log/syslog.1 <== was syslog
-rw-r----- 1 syslog adm 206451 Mar 9 00:00 /var/log/syslog.2.gz <== was syslog.1
-rw-r----- 1 syslog adm 216852 Mar 8 00:00 /var/log/syslog.3.gz <== was syslog.2.gz
-rw-r----- 1 syslog adm 212889 Mar 7 00:00 /var/log/syslog.4.gz <== was syslog.3.gz
-rw-r----- 1 syslog adm 219106 Mar 6 00:00 /var/log/syslog.5.gz <== was syslog.4.gz
-rw-r----- 1 syslog adm 218596 Mar 5 00:00 /var/log/syslog.6.gz <== was syslog.5.gz
-rw-r----- 1 syslog adm 211074 Mar 4 00:00 /var/log/syslog.7.gz <== was syslog.6.gz
```
You might not be surprised to see that all but the current and most recent log files on this system have been gzipped to save space. The expectation behind this is that most system admins would likely be looking at only the most recent files, so keeping others available but compressed is a smart move.
### Manual log rotation
To manually rotate the syslog files, you would use the **logrotate** command like this:
```
$ sudo logrotate -f /etc/logrotate.d/rsyslog
```
Notice that this **logrotate** command uses **-f** (force the rotation) option. The rotation configuration details are pulled from the specified file in the **/etc/logrotate.d/rsyslog** directory. This command would then follow the typical process  remove **syslog.7.gz**, move **syslog.6.gz** to **syslog.7.gz**, move **syslog.5.gz** to **syslog.6.gz**, move **syslog.4.gz** to **syslog.5.gz**, move **syslog.3.gz** to **syslog.4.gz**, and move **syslog.2.gz** to **syslog.1.gz**, but it would not necessarily create the new **syslog** file. You could do that manually with commands like these to set up the file and ensure proper file ownership and permissions:
```
$ sudo touch /var/log/syslog
$ sudo chown syslog:adm /var/log/syslog
$ sudo chmod 640 /var/log/syslog
```
Alternately, you could add this line to your **/etc/logrotate.d/rsyslog** file to do the work for you:
```
create 0640 syslog adm
```
Insert as shown below:
```
/var/log/syslog
{
rotate 7
daily
missingok
notifempty
create 0640 syslog adm <==
delaycompress
compress
postrotate
/usr/lib/rsyslog/rsyslog-rotate
endscript
}
```
Here is an example of manual log rotation of the **wtmp** log files that record user logins. Note that only two **wtmp** files are retained on this system due to the "rotate 2" specification in **/etc/logrotate.d/wtmp**.
Before:
```
$ ls -l wtmp*
-rw-r----- 1 root utmp 1152 Mar 12 11:49 wtmp
-rw-r----- 1 root utmp 768 Mar 11 17:04 wtmp.1
```
Command:
```
$ sudo logrotate -f /etc/logrotate.d/wtmp
```
After:
```
$ ls -l /var/log/wtmp*
-rw-r----- 1 root utmp 0 Mar 12 11:52 /var/log/wtmp
-rw-r----- 1 root utmp 1152 Mar 12 11:49 /var/log/wtmp.1
-rw-r----- 1 root adm 99726 Feb 21 07:46 /var/log/wtmp.report
```
Notice that the most recent rotations for each log are captured in **logrotate**'s status file  whether the rotations are done manually or are automated:
```
$ grep wtmp /var/lib/logrotate/status
"/var/log/wtmp" 2020-3-12-11:52:57
```
Join the Network World communities on [Facebook][6] and [LinkedIn][7] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3531969/manually-rotating-log-files-on-linux.html
作者:[Sandra Henry-Stocker][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Sandra-Henry_Stocker/
[b]: https://github.com/lujun9972
[1]: https://www.flickr.com/photos/klif/4244284159/in/photolist-7t44P6-oPFpsr-a8c5W-gWNZ6-32EEo4-cjdxqy-diHaq9-8DYZWf-gWNWM-bgLApc-hBt94C-cj71kY-PMESV-dZBcCU-pSqgNM-51eKHq-EecbfS-osGNau-KMUx-nFaWEL-cj71PE-HFVXn-gWNWs-85HueR-8QpDh8-kV1dEc-76qYSV-5YnxuS-gWNXr-dYoQ5w-dzj1j3-3AJyd-mHbaWF-q2fTri-e9bFa6-nJyvfR-4PnMyH-gWNZr-8VUtGS-gWNWZ-ajzUd4-2hAjMk-gWW3g-gWP11-dwYbH5-4XMew-cj71B1-ica9kJ-5RonM6-8z5tGL
[2]: https://creativecommons.org/licenses/by/2.0/legalcode
[3]: https://www.networkworld.com/newsletters/signup.html
[4]: https://www.networkworld.com/article/3218728/how-log-rotation-works-with-logrotate.html
[5]: https://www.networkworld.com/blog/itaas-and-the-corporate-storage-technology/?utm_source=IDG&utm_medium=promotions&utm_campaign=HPE22140&utm_content=sidebar (ITAAS and Corporate Storage Strategy)
[6]: https://www.facebook.com/NetworkWorld/
[7]: https://www.linkedin.com/company/network-world

147
translated/tech/20200319 Manually rotating log files on Linux.md Normal file
View File

@ -0,0 +1,147 @@
[#]: collector: (lujun9972)
[#]: translator: (HankChow)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Manually rotating log files on Linux)
[#]: via: (https://www.networkworld.com/article/3531969/manually-rotating-log-files-on-linux.html)
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
在 Linux 系统中手动滚动日志
======
[deovolenti][1] [(CC BY 2.0)][2]
<ruby>日志滚动<rt>log rotation</rt></ruby>在 Linux 系统上是在常见不过的一个功能了,它为系统监控和故障排查保留必要的日志内容,同时又防止过多日志堆积在单个日志文件当中。
日志滚动的过程是这样的:在一组日志文件之中,编号最大的一个日志文件会被删除,其余的日志文件编号则依次增大并取代较旧的日志文件。这一个过程很容易就可以实现自动化,在细节上还能按需作出微调。
[[Get regularly scheduled insights by signing up for Network World newsletters.]][3]
使用 `logrotate` 命令可以手动执行日志滚动的操作。本文将要介绍的就是手动进行日志滚动的方法,以及预期产生的结果。
文中出现的示例适用于 Ubuntu 等 Linux 系统,对于其它类型的系统,日志文件和配置文件可能会有所不同,但日志滚动的过程是大同小异的。
### 为什么需要日志滚动
一般情况下Linux 系统会每隔一天(或间隔更长的时间)就自动进行一次日志滚动,因此需要手动执行日志滚动的场景并不多,除非有些日志的体积确实比较大。如果你需要释放存储空间,又或者将某一部分日志文件从活动的日志中分割出来,得当的日志滚动就是很方便的解决方法。
### 一点背景介绍
在 Linux 系统安装完成后就已经有很多日志文件被纳入到日志滚动的范围内了,另外,一些应用程序在安装时也会为自己产生的日志文件设置滚动规则。一般来说,日志滚动的配置文件会放置在 `/etc/logrotate.d`。如果你想了解日志滚动的详细实现,可以参考[这篇以前的文章][4]。
在日志滚动的过程中,活动日志会以一个新名称命名,例如 `log.1`,之前被命名为 `log.1` 的文件则会被重命名为 `log.2`,以此类推。在这一组文件中,最旧的日志文件(假如名为 `log.7`)会从系统中删除。日志滚动时文件的命名方式、保留日志文件的数量等参数是由 `/etc/logrotate.d` 目录中的配置文件决定的,因此你可能会看到有些日志文件只有少数几次滚动,而有些日志文件的滚动次数远大于 7 次。
[][5]
例如 `syslog` 在经过日志滚动之后可能会如下所示(注意,行尾的注释部分只是说明滚动过程是如何对文件名产生影响的):
```
$ ls -l /var/log/syslog*
-rw-r----- 1 syslog adm 128674 Mar 10 08:00 /var/log/syslog <== 新文件
-rw-r----- 1 syslog adm 2405968 Mar 9 16:09 /var/log/syslog.1 <== 之前的 syslog
-rw-r----- 1 syslog adm 206451 Mar 9 00:00 /var/log/syslog.2.gz <== 之前的 syslog.1
-rw-r----- 1 syslog adm 216852 Mar 8 00:00 /var/log/syslog.3.gz <== 之前的 syslog.2.gz
-rw-r----- 1 syslog adm 212889 Mar 7 00:00 /var/log/syslog.4.gz <== 之前的 syslog.3.gz
-rw-r----- 1 syslog adm 219106 Mar 6 00:00 /var/log/syslog.5.gz <== 之前的 syslog.4.gz
-rw-r----- 1 syslog adm 218596 Mar 5 00:00 /var/log/syslog.6.gz <== 之前的 syslog.5.gz
-rw-r----- 1 syslog adm 211074 Mar 4 00:00 /var/log/syslog.7.gz <== 之前的 syslog.6.gz
```
你可能会发现,除了活动日志和最新一次滚动的日志文件之外,其余的文件都已经被压缩以节省存储空间。这样设计的原因是大部分系统管理员都只需要查阅最新的日志文件,其余的日志文件压缩起来,需要的时候可以解压查阅,这是一个很好的折中方案。
### 手动日志滚动
你可以这样执行 `logrotate` 命令进行手动日志滚动:
```
$ sudo logrotate -f /etc/logrotate.d/rsyslog
```
值得一提的是,`logrotate` 命令使用 `/etc/logrotate.d/rsyslog` 这个配置文件,并通过了 `-f` 参数实行“强制滚动”。因此,整个过程将会是:删除 `syslog.7.gz`,将原来的 `syslog.6.gz` 命名为 `syslog.7.gz`,将原来的 `syslog.5.gz` 命名为 `syslog.6.gz`,将原来的 `syslog.4.gz` 命名为 `syslog.5.gz`,将原来的 `syslog.3.gz` 命名为 `syslog.4.gz`,将原来的 `syslog.2.gz` 命名为 `syslog.3.gz`,将原来的 `syslog.1.gz` 命名为 `syslog.2.gz`,但新的 `syslog` 文件不一定会创建。你可以按照下面的几条命令执行操作,以确保文件的属主和权限正确:
```
$ sudo touch /var/log/syslog
$ sudo chown syslog:adm /var/log/syslog
$ sudo chmod 640 /var/log/syslog
```
你也可以把以下这一行内容添加到 `/etc/logrotate.d/rsyslog` 当中,由 `logrotate` 来帮你完成上面三条命令的操作:
```
create 0640 syslog adm
```
整个配置文件的内容是这样的:
```
/var/log/syslog
{
rotate 7
daily
missingok
notifempty
create 0640 syslog adm <==
delaycompress
compress
postrotate
/usr/lib/rsyslog/rsyslog-rotate
endscript
}
```
下面是用户登录日志文件 `wtmp` 手动日志滚动的示例。由于 `/etc/logrotate.d/wtmp` 中有 `rotate 2` 的配置,因此系统中只保留了两份 `wtmp` 日志文件。
滚动前:
```
$ ls -l wtmp*
-rw-r----- 1 root utmp 1152 Mar 12 11:49 wtmp
-rw-r----- 1 root utmp 768 Mar 11 17:04 wtmp.1
```
执行滚动命令:
```
$ sudo logrotate -f /etc/logrotate.d/wtmp
```
滚动后:
```
$ ls -l /var/log/wtmp*
-rw-r----- 1 root utmp 0 Mar 12 11:52 /var/log/wtmp
-rw-r----- 1 root utmp 1152 Mar 12 11:49 /var/log/wtmp.1
-rw-r----- 1 root adm 99726 Feb 21 07:46 /var/log/wtmp.report
```
需要知道的是,无论发生的日志滚动是自动滚动还是手动滚动,最近一次的滚动时间都会记录在 `logrorate` 的状态文件中。
```
$ grep wtmp /var/lib/logrotate/status
"/var/log/wtmp" 2020-3-12-11:52:57
```
欢迎加入 [Facebook][6] 和 [LinkedIn][7] 上的 Network World 社区参与话题评论。
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3531969/manually-rotating-log-files-on-linux.html
作者:[Sandra Henry-Stocker][a]
选题:[lujun9972][b]
译者:[HankChow](https://github.com/HankChow)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Sandra-Henry_Stocker/
[b]: https://github.com/lujun9972
[1]: https://www.flickr.com/photos/klif/4244284159/in/photolist-7t44P6-oPFpsr-a8c5W-gWNZ6-32EEo4-cjdxqy-diHaq9-8DYZWf-gWNWM-bgLApc-hBt94C-cj71kY-PMESV-dZBcCU-pSqgNM-51eKHq-EecbfS-osGNau-KMUx-nFaWEL-cj71PE-HFVXn-gWNWs-85HueR-8QpDh8-kV1dEc-76qYSV-5YnxuS-gWNXr-dYoQ5w-dzj1j3-3AJyd-mHbaWF-q2fTri-e9bFa6-nJyvfR-4PnMyH-gWNZr-8VUtGS-gWNWZ-ajzUd4-2hAjMk-gWW3g-gWP11-dwYbH5-4XMew-cj71B1-ica9kJ-5RonM6-8z5tGL
[2]: https://creativecommons.org/licenses/by/2.0/legalcode
[3]: https://www.networkworld.com/newsletters/signup.html
[4]: https://www.networkworld.com/article/3218728/how-log-rotation-works-with-logrotate.html
[5]: https://www.networkworld.com/blog/itaas-and-the-corporate-storage-technology/?utm_source=IDG&utm_medium=promotions&utm_campaign=HPE22140&utm_content=sidebar (ITAAS and Corporate Storage Strategy)
[6]: https://www.facebook.com/NetworkWorld/
[7]: https://www.linkedin.com/company/network-world