Notes from Jacob K:

newsyslog: maintain system log files to manageable sizes

newsyslog.conf: newsyslog(8) configuration file

syslog.conf: syslogd configuration file

zmore: file perusal filter for crt viewing of compressed text

bzcat: decompress files to standard out

files:

/etc/newsyslog.conf

/etc/syslog.conf

Configure log rotation:

These options are set in newsyslog.conf with "size" and "when"

By time: use the when field to set this.

The when field may consist of an interval, a specific time, or both. If the when field contains an asterisk, log rotation will solely depend on the contents of the size field. Otherwise, the when field consists of an optional interval in hours, usually followed by an @ sign and a time in restricted ISO 8601 format. Additionally, the format may also be constructed with a $ sign along with a rotation time specification of once a day, once a week, or once a month. If both a time and interval are specified, both conditions must be satisfied for the rotation to take place. (TODO: do not use text from man page)

By size: use the size field to set this. When the size of the log file reaches "size" in kilobytes, the log file will be trimmed as described above. If this field contains an asterisk, the log file will not be trimmed based on size. (TODO: do not use text from man page)

Understand logging facilities and priorities: TODO

View compressed logs:

To view logs compressed into .bz2 files: ""bzcat /var/log/maillog.2.bz2

---

Things not covered here

The following are not covered in this book because maybe too advanced or not enough room. If you want them in book, please discuss :)

mark.info

negating with !