1080*80 ad
Home » Blog » Configure Log Rotation with Logrotate on Ubuntu 18.04 LTS

Configure Log Rotation with Logrotate on Ubuntu 18.04 LTS

Benhcmark Administrator Benhcmark Administrator
11/09/2025
0 Views 0
Configure Log Rotation with Logrotate on Ubuntu 18.04 LTS

Mastering Log Management: A Deep Dive into Configuring Logrotate on Ubuntu

Server logs are the unsung heroes of system administration. They provide critical insights into application behavior, security events, and system errors. However, without proper management, these log files can grow uncontrollably, consuming valuable disk space and making analysis a daunting task. This is where logrotate, a powerful and versatile utility, becomes an essential tool for any Ubuntu server administrator.

Proper log management is not just about saving space; it’s a cornerstone of maintaining a healthy, secure, and performant server. Let’s explore how to effectively configure logrotate to automate this crucial process.

What is Logrotate and Why is it Essential?

Logrotate is a system utility designed to automate the management of log files. Its primary function is to systematically “rotate” logs—meaning it archives the current log file and starts a new one. This prevents any single log file from becoming excessively large.

Key benefits of using logrotate include:

  • Preventing Disk Space Exhaustion: Unchecked log growth is a common cause of servers running out of disk space, which can lead to application crashes and system instability.
  • Improving Performance: Searching through a single, massive log file is slow and resource-intensive. Smaller, segmented logs are much easier and faster to analyze.
  • Organized Archiving: Logrotate can compress and store old log files, keeping historical data accessible for auditing or forensic analysis without consuming excessive space.
  • Automation: It runs automatically in the background, typically via a daily cron job, providing a “set it and forget it” solution for log management.

How Logrotate Works on Ubuntu

On a standard Ubuntu system, logrotate is triggered once a day by a cron job located at /etc/cron.daily/logrotate. This script executes the logrotate command, which then consults its configuration files to determine which logs need rotating and how to handle them.

There are two primary locations for logrotate configurations:

  1. /etc/logrotate.conf: This is the main configuration file. It contains the default settings that apply globally to all log rotation tasks unless overridden by a more specific configuration.
  2. /etc/logrotate.d/: This directory is the recommended location for application-specific log rotation rules. Placing a separate configuration file for each service (e.g., Nginx, Apache, or your custom application) in this directory keeps your setup clean, modular, and easy to manage.

The main /etc/logrotate.conf file usually contains an include /etc/logrotate.d directive, which tells logrotate to read all the configuration files within that directory.

Creating a Custom Logrotate Configuration

While many packages install their own logrotate configurations into /etc/logrotate.d/, you will often need to create custom configurations for your own applications. Let’s create a sample configuration for a fictional web application whose logs are stored in /var/log/myapp/.

First, create a new configuration file:

sudo nano /etc/logrotate.d/myapp

Now, let’s add the configuration directives to this file. Below is a well-structured example with explanations for each directive.

/var/log/myapp/*.log {
    daily
    rotate 14
    compress
    delaycompress
    missingok
    notifempty
    create 0640 www-data www-data
    postrotate
        systemctl reload myapp.service
    endscript
}

Let’s break down what each of these powerful directives does:

  • /var/log/myapp/*.log: This is the path to the log files you want to manage. Using a wildcard (*) applies the rule to all files ending in .log within that directory.
  • daily: This specifies the rotation frequency. Other common options are weekly and monthly. You can also use the size directive (e.g., size 100M) to rotate a log once it reaches a certain size.
  • rotate 14: This directive instructs logrotate to keep 14 archived log files. When the 15th rotation occurs, the oldest log file (.14) will be deleted. This is crucial for managing long-term disk usage.
  • compress: This tells logrotate to compress the rotated log files, typically using gzip. This dramatically reduces the amount of disk space consumed by archived logs.
  • delaycompress: This is a useful directive to use alongside compress. It postpones the compression of the most recent log file by one cycle. This ensures you can immediately analyze the most recent archived log in plain text if needed.
  • missingok: If the log file does not exist, this directive tells logrotate to move on without generating an error. This is essential for preventing your cron job from failing if an application hasn’t generated any logs yet.
  • notifempty: This directive ensures that logrotate will not rotate an empty log file. This prevents the creation of numerous empty, archived logs.
  • create 0640 www-data www-data: After rotating the original log file, this directive creates a new, empty log file with specified permissions (0640), owner (www-data), and group (www-data). This is critically important, as many applications will fail if their log file suddenly disappears.
  • postrotate / endscript: This block contains commands that are executed after the log file has been rotated. In this example, systemctl reload myapp.service tells the application to reload its configuration. This is often necessary to make the application release its file handle on the old log file and start writing to the newly created one.

Testing and Manually Running Logrotate

Before deploying a new configuration, it’s vital to test it to ensure it behaves as expected. You can perform a “dry run” to simulate the rotation process without actually changing any files.

To perform a dry run (debug mode):

sudo logrotate --debug /etc/logrotate.conf

This command will output detailed information about which log files would be rotated and what actions would be taken. Carefully review this output to confirm your configuration is correct.

If you need to trigger a rotation immediately instead of waiting for the daily cron job, you can force logrotate to run.

To force logrotate to run:

sudo logrotate --force /etc/logrotate.conf

This will force all logs to be rotated if they meet their respective configuration criteria.

By mastering logrotate, you take a proactive step toward maintaining a stable and efficient server environment. A well-crafted log rotation strategy ensures that your systems remain performant, your disk space is preserved, and your critical log data is archived in an organized and accessible manner.

Source: https://kifarunix.com/how-to-configure-log-rotation-with-logrotate-on-ubuntu-18-04-lts/

900*80 ad

Related Articles
      1080*80 ad
      About Hosterdojo

      Hosterdojo reviews server performance, network capabilities, and other related benchmarks. If you are a provider interested in submitting your VPS products, feel free to reach out to me.

      Email: [email protected]
      Telegram Channel: https://t.me/hosterdojo

      Follow

      Useful Link

      Girl in a jacket