User`s guide
Protogate Freeway Security Features User’s Guide (SFUG) Chapter 6. Hardening a Freeway
6.8. Rotate Log Files
Figure 6-8 shows a method for rotating and maintaining the system logs, including the webserver logs. This method
uses the /usr/sbin/cron daemon to periodically check the log files, and rotate them if necessary. See
Chapter 3
for more details.
Figure 6-8. Rotate the Log Files
echo "#!/bin/sh" > /tmp/httplog_rotate.sh
echo "#" >> /tmp/httplog_rotate.sh
echo "# This script rotates the webserver log files." >> /tmp/httplog_rotate.sh
echo "# It is expected to be run once per day." >> /tmp/httplog_rotate.sh
echo "#" >> /tmp/httplog_rotate.sh
echo "export B_FWY_SERVERNAME=${B_FWY_SERVERNAME}" >> /tmp/httplog_rotate.sh
echo "#" >> /tmp/httplog_rotate.sh
echo "rm -f /var/log/httpd-access.log.31.gz" >> /tmp/httplog_rotate.sh
echo "rm -f /var/log/httpsd-access.log.31.gz" >> /tmp/httplog_rotate.sh
echo "rm -f /var/log/httpd-error.log.31.gz" >> /tmp/httplog_rotate.sh
echo "rm -f /var/log/httpsd-error.log.31.gz" >> /tmp/httplog_rotate.sh
echo "for i in 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 ; do" \
>> /tmp/httplog_rotate.sh
echo " export NEWNUM=\"\‘expr \${i} + 1\‘\"" >> /tmp/httplog_rotate.sh
echo " mv -f /var/log/httpd-access.log.\${i}.gz /var/log/httpd-access.log.\${NEWNUM}.gz" \
>> /tmp/httplog_rotate.sh
echo " mv -f /var/log/httpsd-access.log.\${i}.gz /var/log/httpsd-access.log.\${NEWNUM}.gz" \
>> /tmp/httplog_rotate.sh
echo " mv -f /var/log/httpd-error.log.\${i}.gz /var/log/httpd-error.log.\${NEWNUM}.gz" \
>> /tmp/httplog_rotate.sh
echo " mv -f /var/log/httpsd-error.log.\${i}.gz /var/log/httpsd-error.log.\${NEWNUM}.gz" \
>> /tmp/httplog_rotate.sh
echo "done" >> /tmp/httplog_rotate.sh
echo "/usr/local/etc/rc.d/apache22 stop" >> /tmp/httplog_rotate.sh
echo "mv -f /var/log/httpd-access.log /var/log/httpd-access.log.0" >> /tmp/httplog_rotate.sh
echo "mv -f /var/log/httpsd-access.log /var/log/httpsd-access.log.0" >> /tmp/httplog_rotate.sh
echo "mv -f /var/log/httpd-error.log /var/log/httpd-error.log.0" >> /tmp/httplog_rotate.sh
echo "mv -f /var/log/httpsd-error.log /var/log/httpsd-error.log.0" >> /tmp/httplog_rotate.sh
echo "/usr/local/etc/rc.d/apache22 start" >> /tmp/httplog_rotate.sh
echo "/sbin/gzip /var/log/httpd-access.log.0" >> /tmp/httplog_rotate.sh
echo "/sbin/gzip /var/log/httpsd-access.log.0" >> /tmp/httplog_rotate.sh
echo "/sbin/gzip /var/log/httpd-error.log.0" >> /tmp/httplog_rotate.sh
echo "/sbin/gzip /var/log/httpsd-error.log.0" >> /tmp/httplog_rotate.sh
chmod go-wx /tmp/httplog_rotate.sh
chflags schg /tmp/httplog_rotate.sh
echo "# logfilename mode count size when flags" > /etc/newsyslog.conf
echo "${LOG_DIR}/all.log 600 31
*
@T05 WZ" >> /etc/newsyslog.conf
echo "${LOG_DIR}/cron 600 31
*
@T05 WZ" >> /etc/newsyslog.conf
echo "${LOG_DIR}/sra_err.log 644 31
*
@T05 WZ" >> /etc/newsyslog.conf
echo "${LOG_DIR}/sra_notice.log 644 31
*
@T05 WZ" >> /etc/newsyslog.conf
echo "${LOG_DIR}/sra_all.log 644 31
*
@T05 WZ" >> /etc/newsyslog.conf
echo "${LOG_DIR}/sraweb_err.log 644 31
*
@T05 WZ" >> /etc/newsyslog.conf
echo "${LOG_DIR}/sraweb_all.log 644 31
*
@T05 WZ" >> /etc/newsyslog.conf
Protogate DC-908-3004A 23