Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Why keep log files?' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Why keep log files?
Authored by: mervTormel on Jul 29, '02 10:30:06AM
Why are .gz files in the log dir annoying? why do you want to save them, bloating your home dir? There is no provision for additional cleanup in your method. How many days will you save? Ad infinitum? is there a legal requirement for saving them? if so, then they should get to external media and/or off-site. Log files aren't very interesting historically. They are meant to be useful in diagnosing problems close to the present. Occasionally, you may want to go back a few days to investigate an issue, but only legal issues make them historically valuable. Otherwise, they are cruft and are expunged after a duration, as they should be. The older a log file is, the less reflective of reality it is, and the more investigation is required to exact a reality. The management of logs with the /etc/ maintenance scripts is universally reasonable. Now, with this facility, there's more management and bloat every day. What are your requirements and does this achieve them? I would be annoyed by the additional bloat and maintenance of the new ~/logs dir. Have you just transferred the workload somewhere else without really solving anything? And here's a real, slick solution that leaves the system vanilla, and let's you see/access your system logs unencumbered by the .gz files... Wouldn't it be simpler if you didn't look at the /var/log dir? Why not just make aliases/symlinks of the interesting log files in your ~/logs dir and leave the maintenance mechanism vanilla and mask the .gz files existence from you view that way? like so...
 % mkdir ~/syslogs
% ln -s /var/log/*.log ~/syslogs
% ls -ln ~/syslogs>

total 96
lrwx------ 1 501 80 25 Jul 30 08:33 backup.daily.log -> /var/log/backup.daily.log
lrwx------ 1 501 80 25 Jul 30 08:33 dmesg-9jun02.log -> /var/log/dmesg-9jun02.log
lrwx------ 1 501 80 18 Jul 30 08:33 dmesg.log -> /var/log/dmesg.log
lrwx------ 1 501 80 16 Jul 30 08:33 ftp.log -> /var/log/ftp.log
lrwx------ 1 501 80 20 Jul 30 08:33 lookupd.log -> /var/log/lookupd.log
lrwx------ 1 501 80 16 Jul 30 08:33 lpr.log -> /var/log/lpr.log
lrwx------ 1 501 80 17 Jul 30 08:33 mail.log -> /var/log/mail.log
lrwx------ 1 501 80 23 Jul 30 08:33 makewhatis.log -> /var/log/makewhatis.log
lrwx------ 1 501 80 21 Jul 30 08:33 messages.log -> /var/log/messages.log
lrwx------ 1 501 80 20 Jul 30 08:33 netinfo.log -> /var/log/netinfo.log
lrwx------ 1 501 80 19 Jul 30 08:33 secure.log -> /var/log/secure.log
lrwx------ 1 501 80 19 Jul 30 08:33 system.log -> /var/log/system.log


[ Reply to This | # ]
Why keep log files?
Authored by: maclaxguy on Jul 30, '02 03:39:48PM

I simply wrote this because I do check over my logs every week or so. I like to see if anything is going wrong, and see if any possible security breaches have occurred. After I read them, I usually just delete them. All this is doing is making me able to delete them when I choose to do so, and cataloging them by their date for easy reference. I see what you are saying, and for some, this script is nothing that they would like to use. However, I find it very useful, and I thought that perhaps a few other people might as well.

Ben Foster



[ Reply to This | # ]
Why keep log files?
Authored by: Loren on Nov 20, '02 05:07:44PM

I am using my Mac as a remote logging machine for my office firewall, and we save those logs a really long time. This script should be very helpful.

Thanks.

Loren



[ Reply to This | # ]