Working with /var/log files

plarkin

Registered
Now that I've moved most of my production stuff off of LinuxPPC and onto OS X, I have a need to adjust how I deal with log files.

Previously, in LinuxPPC, the secure.log file would contain any ftp connections, sshd or telnetd connections. I had a cron job that would mail me that log file every morning so I could keep an eye on any interlopers. The secure.log would rotate magically every week.

Now, with OS X, there is a separate ftp log. I'm not sure of its rotation schedule. There is also the system.log which logs sshd connections (and a bunch of other GUI stuff I don't need). The system.log rotates nightly at 3:15 (I don't know why that time.)

SO, NOW my questions. Where do I to manipulate when these files are rotated. My goal is to have the ftp.log and system.log rotate every night at midnite. Then, I'll write a script that concatenates them and mails them to me in one neat file. I suppse the mail.log wouldn't hurt either. So, I need to keep the rotation down to one day so the thing does't get too long. I would prefer all connections (ftp/ssh/mail) to be logged in one place but I can live it the way it is...

Help if you can. Thanks.
 
Log rotation is done via two scripts called from /etc/crontab: /etc/daily (for system.log) and /etc/weekly (for most others). For the most part, they rotate the same, the only difference being daily keeps eight and weekly keeps five previous files.
 
Back
Top