Logging

6. Managing Log Files

System and application log files generate a lot of data, which is stored on your hard disks. Over time, these files can grow to an unmanageable size, creating several challenges for system administrators. This lesson in our Linux tutorial provides a beginner's guide to effective log management.

The Challenge of Growing Logs

As log files expand, they consume valuable disk space. If left unchecked, they can fill up a partition, potentially causing system instability or application failures. Furthermore, searching through a single, massive log file for specific information is slow and inefficient. We need a strategy to manage these logs, keeping recent data accessible while archiving or discarding older entries.

What is Log Rotation?

The solution to this problem is a process called log rotation. The most common utility for this task on Linux systems is logrotate. This tool automates the process of managing log files. Log rotation typically involves:

  • Renaming the current log file (e.g., app.log becomes app.log.1).
  • Creating a new, empty log file for new entries.
  • Compressing older log files to save disk space (e.g., app.log.1.gz).
  • Deleting the oldest log files after a certain number of rotations.

This automated log management ensures that logs remain a manageable size and that disk space is used efficiently.

How logrotate Works

The logrotate utility is highly configurable and is typically scheduled to run automatically once a day via a cron job. Its main configuration file is /etc/logrotate.conf, but individual application log settings are usually placed in separate files within the /etc/logrotate.d/ directory. These configuration files allow you to specify rules for different Linux logs, such as how often to rotate them, how many old logs to keep, and whether to compress them. While other tools exist, logrotate is the standard for log rotation in the Linux world.

Sign in to save your learning progress

Sign in

Exercises

Practice makes perfect! Here are some hands-on labs to reinforce your understanding of log file management and related system administration tasks:

  1. Viewing Log and Configuration Files in Linux - Practice essential Linux command-line skills for efficiently viewing and navigating text files, including system logs and configuration files, which are managed by tools like logrotate.
  2. Rapid Threat Detection - Learn essential Linux command-line skills for cybersecurity analysis. Use tail and head commands to quickly extract and analyze recent log entries, simulating rapid threat detection in a high-stakes tech environment.
  3. Create and Restore a Backup with tar in Linux - Gain hands-on experience with system administration tasks by backing up directories, which is often a part of log rotation strategies to archive old logs.

These labs will help you apply the concepts in real scenarios and build confidence with managing and interacting with log files in Linux.

Login to Practice on LabEx

Quiz

What is the primary utility used for log rotation and managing Linux logs? Please answer in lowercase English.