I can answer 2 fairly simply.  Whilst using syslog-ng, I just set the logs to go into a dated directory or filename, that way they automatically get rotated each night without disrupting syslog at all.  For example:
 
destination messages {
   file("/var/log/syslog-dated/$HOST/$YEAR-$MONTH-$DAY/messages"
         sync(0) log_fifo_size(10) create_dirs(yes)
         owner(root) group(sysadmin) perm(0640) dir_perm(0750)
         dir_owner(root) dir_group(sysadmin));
};
You could of course simplify this even more, and just have:
destination messages {
   file("/var/adm/messages-$YEAR-$MONTH-$DAY"
         sync(0) log_fifo_size(10) create_dirs(yes)
         owner(root) group(sysadmin) perm(0640) dir_perm(0750)
         dir_owner(root) dir_group(sysadmin));
};
Which would put dated messages files into your /var/adm directory, then run a find command each night to clean up the old logs once they're archived off to tape or whatever your policy is.
I personally use these 2 cron entries to clean up my messages each night:
15 4 * * * /usr/bin/find /var/log/syslog-dated \( -name '*-*-*' \) -follow -mount -mtime +32 -type d -exec /usr/bin/rm -rf {} \;
30 4 * * * /usr/bin/find /var/log/syslog-dated \( -name '*.log' \) -follow -mount -mtime +2 -type f -exec /usr/bin/gzip {} \;
This gzips the older logs, and deletes stuff over a month old.
-----Original Message-----
From: Keven Belanger [mailto:kbelanger@logicon.ca]
Sent: Friday, 23 August 2002 5:23 AM
To: syslog-ng@lists.balabit.hu
Subject: [syslog-ng]help please...

I have 2 question:

 

1- I'm looking for a script (perl or other) to scan a file to find unique line (line that are duplicate will be remove)

2- Also want to know which log rotation people are using under Solaris ??

Answer soon!

 

Thanx!

 

 

Kéven Belanger

Analyste en solutions de sécurité
Logicon Inc. - Division Sécurité
819.825.8049 x7717

800.567.6399 x7717

 






Our Privacy statement


AM Corporation manages Personal information as required by Privacy legislation. To provide the products and services you request and for related purposes, we collect information from you or from someone you have authorised. If your information is sensitive, such as health information, we will use it only for the purpose that you have requested. Sometimes, we must give your information to appropriate external service providers, such as our underwriter, administrators, your banking service provider and/or Financial Adviser. However, we will give your information only if you authorise us, or if we are legally required to, or if it is part of our normal procedures and necessary to provide what you have requested.


This email is confidential


This email and any files transmitted with it are intended solely for the use of the addressee(s) and may contain information which is confidential or privileged. Any unauthorised use, in particular forwarding the contents of this email and any files to third parties (other than is expressly authorised) is prohibited.


If you receive this email and you are not the addressee (or responsible for the delivery of the email to the addressee) please notify us immediately and delete the email and all copies.


We do not guarantee that this email is virus or error free, and the attached files are provided and may only be used on the basis that the recipient assumes all responsibility for any loss, damage or consequence resulting directly or indirectly from the use of the attached files, whether caused by the negligence of the sender or not.


The contents and opinions in non business emails are not necessarily those of AM.