/var/log/wtmp rotating?

[Stefann]

hi,
Well... it works
Big thanks Rich

I now have below command in my cron file:

Code: [Select]

1 1 1 * * Entries=100 ; tail -c $(($Entries*384)) /var/log/wtmp > /var/log/NewWtmp && sudo cp /var/log/NewWtmp /var/log/wtmp; rm -rf /var/log/NewWtmp
In addition to your advice I added the full path for NewWtmp to avoid that it got written at some random place.
Tested with * * * * * setting (every minute) and works like a charm. Thanks.
With 100 entries it grows to about 35k which is fine.

I also tried to setup syslog.conf with your other "1 command" proposal:

Code: [Select]

$outchannel main_log, /var/log/mainlog.txt,  50000, /bin/echo "$(/usr/bin/tail -n 50 /var/log/mainlog.txt)" > /var/log/mainlog.txt
local1.=debug  :omfile:$main_log;MyFormatBut that does not work.
I tried to simplify it all the way to

Code: [Select]

$outchannel main_log, /var/log/mainlog.txt,  50000, /bin/cp /var/log/mainlog.txt /var/log/testlog.txt
But even that does not work.
it looks like syslog does only accept 1 argument to the copy command.
I stopped debugging this.
I currently have rsylog perfectly working like this:

Code: [Select]

$outchannel main_log, /var/log/mainlog.txt,  100000, /var/log/rotate mainlog.txt
local1.=debug  :omfile:$main_log;MyFormat

with /var/log/rotate:
tail -n 500 /var/log/${1} > /var/log/${1}.tmp
cat /var/log/${1}.tmp > /var/log/${1}
rm -f /var/log/${1}.tmp
I do not really like that I now have a script in the /var/log folder that is user-specific because that is something I could "loose"
The beauty of your single line solution is that that would be entirely in the syslog.conf file with no "non standard file needed".
I will however just document the rotate script on some # commented lines in the  syslog.conf file.
That way, if I revisit this in few years, I still understand how it works.

[Rich]

Hi Stefann
Had you considered using the included busybox syslog:

Code: [Select]

tc@E310:~$ syslogd --help
BusyBox v1.29.3 (2018-12-19 15:29:37 UTC) multi-call binary.

Usage: syslogd [OPTIONS]

System logging utility
(this version of syslogd ignores /etc/syslog.conf)

        -n              Run in foreground
        -R HOST[:PORT]  Log to HOST:PORT (default PORT:514)
        -L              Log locally and via network (default is network only if -R)
        -C[size_kb]     Log to shared mem buffer (use logread to read it)
        -O FILE         Log to FILE (default: /var/log/messages, stdout if -)
        -s SIZE         Max size (KB) before rotation (default 200KB, 0=off)
        -b N            N rotated logs to keep (default 1, max 99, 0=purge)
        -l N            Log only messages more urgent than prio N (1-8)
        -S              Smaller output
        -D              Drop duplicates
tc@E310:~$
It appears to support log size limits, log rotation, and remote logging.

[Stefann]

That's how I started.

unfortunately it does not support syslog.conf and for that reason I cannot set multiple logfiles.
I use 4 now:
- 3 "slow" logfiles with few messages per hour that keep track of how my application is doing, I need multipel days history on that
- 1 "fast" logfile with multiple messages per second for debugging, I only need few minutes history on that

Code: [Select]

(this version of syslogd ignores /etc/syslog.conf)
My full journey on that is here:
https://forum.tinycorelinux.net/index.php/topic,27306.0.html