ยท All Snippets

OpenBSD log rotate newsyslog

We’re setting up OpenBSD’s log rotate utility newsyslog(8) to deal with our custom services, such as gmifs. Reasons for log rotation include retaining disk space and removing access information such as IP addresses to protect the privacy of users long term.

The file /etc/newsyslog.conf specifies under which conditions what log files are to be rotated and what actions shall be taken as well as retention.

# logfile_name          owner:group     mode count size when  flags
/var/www/logs/gemini/access.log         644  4     *    $W0   Z
/var/www/logs/gemini/debug.log          644  7     250  *     Z

The access log file contains IP addresses, paths and status codes with timestamp, the debug log only contains information to improve the software, such as errors when handling requests or renewing certificates. The policy for each is therefore radically different.

A brief explanation of the used parameters:

For more details see newsyslog(8) with man newsyslog.

Last modified on Sunday, Oct 31, 2021.
Go back