13ecf0f821
Log files that may contain secure information should have restricted permissions. This includes all -api log files, as well as log files in which the operator login and authententication attempts are logged. Change-Id: I56ef476609d65991529ba0a6311ebd29a7710386 Closes-Bug: 1836632 Signed-off-by: Don Penney <don.penney@windriver.com>
110 lines
2.2 KiB
Plaintext
110 lines
2.2 KiB
Plaintext
# /etc/logrotate.d/syslog-ng - Provided by syslog-ng-logrotate
|
|
|
|
/var/log/syslog
|
|
/var/log/auth.log
|
|
/var/log/cron.log
|
|
/var/log/daemon.log
|
|
/var/log/daemon-ocf.log
|
|
/var/log/kern.log
|
|
/var/log/lpr.log
|
|
/var/log/mail.log
|
|
/var/log/news.log
|
|
/var/log/user.log
|
|
/var/log/uucp.log
|
|
/var/log/local*.log
|
|
/var/log/postgres.log
|
|
/var/log/postgresql.log
|
|
/var/log/haproxy.log
|
|
/var/log/platform.log
|
|
/var/log/openstack.log
|
|
/var/log/sysinv.log
|
|
/var/log/sysinv-api.log
|
|
/var/log/nfv-vim-api.log
|
|
/var/log/nfv-vim-webserver.log
|
|
/var/log/keystone/*.log
|
|
/var/log/horizon.log
|
|
/var/log/snmp-api.log
|
|
/var/log/dcmanager/*.log
|
|
/var/log/dcorch/*.log
|
|
/var/log/barbican/barbican-keystone-listener.log
|
|
/var/log/barbican/barbican-worker.log
|
|
{
|
|
nodateext
|
|
size 10M
|
|
start 1
|
|
rotate 20
|
|
missingok
|
|
notifempty
|
|
compress
|
|
sharedscripts
|
|
postrotate
|
|
systemctl reload syslog-ng > /dev/null 2>&1 || true
|
|
endscript
|
|
}
|
|
|
|
/var/log/nfv-vim.log
|
|
{
|
|
nodateext
|
|
size 20M
|
|
start 1
|
|
rotate 40
|
|
missingok
|
|
notifempty
|
|
compress
|
|
sharedscripts
|
|
postrotate
|
|
systemctl reload syslog-ng > /dev/null 2>&1 || true
|
|
endscript
|
|
}
|
|
|
|
/var/log/collect.log
|
|
/var/log/ldapscripts.log
|
|
/var/log/tuned/tuned.log
|
|
/var/log/armada/*.log
|
|
{
|
|
nodateext
|
|
size 10M
|
|
start 1
|
|
rotate 20
|
|
missingok
|
|
notifempty
|
|
compress
|
|
copytruncate
|
|
}
|
|
|
|
/var/log/sm.log
|
|
/var/log/ima.log
|
|
{
|
|
nodateext
|
|
size 50M
|
|
start 1
|
|
rotate 10
|
|
missingok
|
|
notifempty
|
|
compress
|
|
sharedscripts
|
|
postrotate
|
|
systemctl reload syslog-ng > /dev/null 2>&1 || true
|
|
endscript
|
|
}
|
|
|
|
/var/log/bash.log
|
|
{
|
|
nodateext
|
|
size 100M
|
|
start 1
|
|
rotate 20
|
|
missingok
|
|
notifempty
|
|
compress
|
|
sharedscripts
|
|
firstaction
|
|
/usr/bin/logmgmt_prerotate > /dev/null 2>&1 || true
|
|
endscript
|
|
# using lastaction to ensure log file compression succeeds
|
|
lastaction
|
|
service syslog-ng reload > /dev/null 2>&1 || true
|
|
/usr/bin/logmgmt_postrotate > /dev/null 2>&1 || true
|
|
endscript
|
|
}
|