[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 14/08/13 15:26, Dan Gibbs wrote: > > I was a big vague! The log rotation itself isn't an issue. I want to > archive the old logs on a different server for security/storage reasons. > > I was just curious if there was a 'best practice' when it comes to > doing this but I imagine simply using rsync is perfectly fine. > > Cheers > Well, in that case if you're just archiving old logs then cron+rsync would work as well as anything else, sure. Personally, I normally use rsyslog to filter and send syslogs to a log server in real time (for the centralised IDS, nagios/cactus monitoring, etc, to mine for data) and a local cron job on the individual boxes to automatically trim and dump old log files. Come to think of it, in the instances of standalone servers or non-centralised setups I run, my normal choice would be a certain amount of realtime trimming and filtering of logs to cut out most of the noise but yeah, usually rsync+cron to dump the logs off somewhere for long term storage. I use a script afterwards to clean up the old logs as well, I don't want tons of old tar.gzs floating around on my production machines. Rsyslog has an agent that works pretty well on Windows machines these days as well, although it's very far from perfect. I'm still looking for the One Centralised Logging System to Rule Them All, but in mixed environments I'm yet to find it - there's always a lot of dodgy hack-it-yourself work involved. And that includes the insanely expensive top-end monitoring suites like HP OpenView, etc. Oh well, one day maybe. Regards -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq