Linux Logging Configuration
Internal
rsyslogd Configuration
The main rsyslogd configuration file is /etc/rsyslog.conf.
The configuration file contains global directives, rules and modules. A rule consists of filter and action. The filters can be facility/priority-based, property-based and expression-based.
For more details on rsyslogd configuration see
rsyslogd Log Rotation Configuration
rsyslogd-managed log files can be automatically rotated. The logrotate package contains a cron task that rotates log files based on the configuration found in /etc/logrotate.conf and /etc/logrotate.d/. The essential configuration is similar to:
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
dateext
# uncomment this if you want your log files compressed
#compress
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}
# system-specific logs may be also be configured here.
All entries, except those designating specific logs, apply to every log file managed by rsyslogd.
Individua log file handing can be specified here, as it is the case for /var/log/wtmp and /var/log/btmp in the above example, or in separated files placed in /etc/logrotate.d.
More details on the configuration file syntax can be obtained with:
man logrotate
journald Configuration
More details about journald.