How to configure and use logrotate

This note was created on 2023-05-05
This note was last edited on 2023-05-05

=== Configuration ===
The primary configuration file for logrotate which sets default parameters is "/etc/logrotate.conf".
Additional application-specific configuration files are included from the "/etc/logrotate.d/" directory. Each configuration file defines how to rotate, compress, and delete a specific log file. 

Here's an example configuration file for rotating the Apache access log file:
~~~
/var/log/apache2/access.log {
    weekly
    missingok
    rotate 52
    compress
    delaycompress
    notifempty
    create 640 root adm
    sharedscripts
    postrotate
        /etc/init.d/apache2 reload > /dev/null
    endscript
}
~~~

=== Compress using ZSTD ===
~~~
compress
compresscmd /usr/bin/zstd
compressext .zst
compressoptions -T0 --long
uncompresscmd /usr/bin/unzstd
~~~

Let's go through each of the parameters in the configuration file:
- "/var/log/apache2/access.log": Specifies the log file to rotate.
- "weekly": Rotates the log file on a weekly basis. Other options include daily, monthly, and yearly.
- "missingok": Ignores any errors if the log file is missing.
- "rotate 52": Keeps up to 52 rotated log files.
- "compress": Compresses rotated log files using gzip.
- "delaycompress": Delays compression of rotated log files until the next rotation cycle.
- "notifempty": Skips rotation if the log file is empty.
- "create 640 root adm": Creates new log files with the specified permissions and ownership.
- "sharedscripts": Runs the postrotate script once for all rotated log files.
- "postrotate": Executes the specified command after rotating the log file. In this case, it reloads the Apache web server to pick up any new log settings.
- "endscript": Marks the end of the postrotate script.

=== Usage ===
logrotate is usually run through the systemd service - "logrotate.service".

To run logrotate manually:
# logrotate -f /etc/logrotate.d/apache2
This will force logrotate to rotate the log file specified in the "/etc/logrotate.d/apache2" configuration file.

To simulate running your configuration file (dry run):
# logrotate -d /etc/logrotate.d/apache2
This will run logrotate in debug mode and show you what log files would be rotated, compressed, or deleted, but without actually performing any actions.