Rotating Apache httpd logfiles on FreeBSD

Published on Thu, 2009-10-08 - 14:27

With the disk space available on modern servers, you tend to notice some things a lot less. Like the boring fact that without log rotation, an Apache access log can grow to gigabyte size in no time.

FreeBSD's Apache HTTPD port does not ship with configuration for the FreeBSD log rotation utility, newsyslog, so your logs won't be rotated by default.

That, however, is fairly easy to fix by tweaking /etc/ newsyslog.conf a bit.

Here's how I did it:

/var/log/httpd-access.log www:www 440 9 * $W1D4 J /var/run/httpd.pid 30
/var/log/httpd-error.log www:www 440 9 * $W1D4 J /var/run/httpd.pid 30

Broken up, this means:

  1. /var/log/httpd-access.log: Name of the log file we're rotating
  2. www:www set user and group ownership of the archived logs to www, so sysadmins can read them.
  3. 440 set the archive files to be read-only for the www user and group and no access for anyone else.
  4. 9 keep nine archived log files excluding the current one. This way, we should always have the latest 10 weeks of log data available.
  5. * don't rotate based on log file size.
  6. $W1D4 rotate logs every Monday at 4 in the morning.
  7. J compress the archived logs with bzip2.
  8. /var/run/httpd.pid – get the process ID for the httpd server here.
  9. 30 send SIGUSR1 to cause a graceful restart of httpd.

I set this up last week, and it has since done its work, turning my 1GiB /var/log/httpd-access.log into a 46MiB httpd-access.log.0.bz2. Log files are some of the best use cases for compression. Enjoy.

Tags

Comments

Submitted by nminus.org (not verified) on Mon, 2017-03-06 - 10:35 Permalink

Thank you.

Submitted by CS (not verified) on Wed, 2017-08-09 - 18:26 Permalink

This was just what I was looking for. Thanks!

The lines can be put into another file in /etc/newsyslog.d or /usr/local/etc/newsyslog.d in FreeBSD 11, that might help with keeping track of changes if you don't necessarily want to modify the default newsyslog.conf.

One can confirm the correctness of this by checking the man page for httpd and the -k flag there, plus the /usr/local/etc/rc.d/apache24 that ends up calling it, during usual graceful restarts. The 30 mapping for SIGUSR1 comes from /usr/include/sys/signal.h .

Submitted by CS (not verified) on Wed, 2017-08-09 - 18:27 Permalink

This was just what I was looking for. Thanks!

The lines can be put into another file in /etc/newsyslog.d or /usr/local/etc/newsyslog.d in FreeBSD 11, that might help with keeping track of changes if you don't necessarily want to modify the default newsyslog.conf.

One can confirm the correctness of this by checking the man page for httpd and the -k flag there, plus the /usr/local/etc/rc.d/apache24 that ends up calling it, during usual graceful restarts. The 30 mapping for SIGUSR1 comes from /usr/include/sys/signal.h .

The comments for this post are now closed. If you have corrections, suggestions, or other feedback, you can reach me through the contact page.