Brian,

What I do is have the logs date time stamped so it starts a new log each day. Then I run a script from CRON to have those files gzipped that are more than two days old and delete anything more than thirty days old.

HTH,

Mark

Here is what I have:

--from syslog-ng.conf--

destination hosts {
   file("/var/log/network/$HOST/$HOST$YEAR$MONTH$DAY"
   owner(root) group(root) perm(0775) dir_perm(0775) create_dirs(yes));
};

log {
        source(s_all);
        destination(hosts);
};

--the "archive script" (it's not really archiving but it does what I need it to do)--

#!/bin/bash

cd /var/log/network/corppix

# Compress all of the Corp Pix logs older than two days

/usr/bin/find . -name corppix\* -mtime +2 -exec gzip {} \;

#Delete all logs older than 30 days.

/usr/bin/find . -name corppix\* -mtime +30 -exec rm {} \;

#Same thing for CorpPixFailover

cd /var/log/network/corppixfailover

# Compress all of the Corp Pix logs older than two days

/usr/bin/find . -name corppixfailover\* -mtime +2 -exec gzip {} \;

#Delete all logs older than 30 days.

/usr/bin/find . -name corppixfailover\* -mtime +30 -exec rm {} \;

On 8/24/06, Brian Loe <knobdy@gmail.com> wrote:

I've been trying to get logrotate to work on AIX and it simply doesn't
"do" anything (run it with debug and it tells me its reading the
config file then exits, files remain the same - regardless of size or
age).

So, what else should I try? Eventually it looks like I'm going to be
feeding pipes and files for use with SEC - but I need to archive each
log for 30 days, then archive all of those files for a year, etc..
_______________________________________________
syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html

--
"Knowledge is power and I like power." Cobra Bubbles, Lilo & Stitch