I wish to keep domain logs in a separate location for long-term safe-keeping


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » Apache Related Information

I wish to keep domain logs in a separate location for long-term safe-keepingLast Modified: Apr 15, 2020, 5:07 pm
After several iterations of log ownership in ~/domains/domain.com/logs, the current state (as of August 2019) stores the logs as the User.
Users do have sufficient privileges to accidentally delete their logs.
Managing root-owned data under a User's home directory is very difficult to do securrely, so keeping your long-term root logs in a non-User-writable area is recommended.

We can use the rotate_log_post.sh, which runs just after /var/log/httpd/domains/* logs are copied to ~/domains/domain.com/logs (and compressed to the tar.gz). This is where we'd grab our copy.

  1. Create the script:

    /usr/local/directadmin/scripts/custom/rotate_log_post/root_logs.sh

  2. In it, place the following code to sort out what to copy, where to copy it, and cleanup old logs:

    #!/bin/sh
    DAYS_TO_KEEP=365

    DOMAIN=`basename $file`
    LONG_TERM=/var/log/httpd/long_term
    DOMAIN_DIR=${LONG_TERM}/$DOMAIN
    DATE=`date +%F`
    DEST=${DOMAIN_DIR}/${DATE}
    if [ ! -d ${DEST} ]; then
           mkdir -p ${DEST}
    fi
    /bin/cp -n ${access_log} ${DEST}
    if [ "${error_log}" != "" ]; then
           /bin/cp -n ${error_log} ${DEST}
    fi
    find ${LONG_TERM}/* -mtime +${DAYS_TO_KEEP} -type d -exec rm -rf "{}" \;
    exit 0;

  3. set the permissions on the script:

    chmod 755 /usr/local/directadmin/scripts/custom/rotate_log_post/root_logs.sh

Once the next tally runs, this should automatically fill up the root-logs area.

© 2018 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST