Installed FreePBX 14 RC distro and all settings are default.
Looking at /var/log/asterisk/ , all of the log files are not being rotated even though they are set to in the GUI. Don’t have full.1 full.2, etc.
Setttings --> Asterisk Logfile Settings --> Log Rotation set to “Rotate”
Below are copies of /etc/logrotate.conf and /etc/logger.d/asterisk. Culprit is logger.d/asterisk?
Any guidance would be appreciated. Cheers
Copy of /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
dateext
# uncomment this if you want your log files compressed
#compress
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}
# system-specific logs may be also be configured here.
Copy of /etc/logger.d/asterisk
/var/log/asterisk/queue_log {
daily
missingok
rotate 30
notifempty
sharedscripts
create 0640 asterisk asterisk
}
/var/spool/mail/asterisk
/var/log/asterisk/messages
/var/log/asterisk/event_log
/var/log/asterisk/full
/var/log/asterisk/dtmf
/var/log/asterisk/fail2ban {
daily
missingok
rotate 7
notifempty
sharedscripts
create 0640 asterisk asterisk
postrotate
/usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null
endscript
}
#This comment is to fix rpm file replacing
#Config file built on Sat May 20 04:52:55 UTC 2017
Here’s the result of running ‘logrotate -v /etc/logrotate.d/asterisk’ as root:
[root@ asterisk]# logrotate -v /etc/logrotate.d/asterisk
reading config file /etc/logrotate.d/asterisk
Allocating hash table for state file, size 15360 B
Handling 2 logs
rotating pattern: /var/log/asterisk/queue_log after 1 days (30 rotations)
empty log files are not rotated, old logs are removed
considering log /var/log/asterisk/queue_log
error: skipping “/var/log/asterisk/queue_log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
rotating pattern: /var/spool/mail/asterisk
/var/log/asterisk/messages
/var/log/asterisk/event_log
/var/log/asterisk/full
/var/log/asterisk/dtmf
/var/log/asterisk/fail2ban after 1 days (7 rotations)
empty log files are not rotated, old logs are removed
considering log /var/spool/mail/asterisk
error: skipping “/var/spool/mail/asterisk” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
considering log /var/log/asterisk/messages
error: skipping “/var/log/asterisk/messages” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
considering log /var/log/asterisk/event_log
error: skipping “/var/log/asterisk/event_log” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
considering log /var/log/asterisk/full
error: skipping “/var/log/asterisk/full” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
considering log /var/log/asterisk/dtmf
error: skipping “/var/log/asterisk/dtmf” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
considering log /var/log/asterisk/fail2ban
error: skipping “/var/log/asterisk/fail2ban” because parent directory has insecure permissions (It’s world writable or writable by group which is not “root”) Set “su” directive in config file to tell logrotate which user/group should be used for rotation.
Permissions of /etc/logrotate.d/asterisk to are user:group root:root 644
Sorry to dredge up an old thread, but on a fully updated FreePBX 14.0.1.36 machine, the log files in /var/log/asterisk are not rotating. Particularly zulu_out.log which is almost 3TB even though Zulu is not being used on this machine. Any advise would be appreciated.
Thanks Dave for the link. Will follow that thread to see if there’s a resolution for Zulu or if I can contribute at all. I’ve posted logrotate file from zulu module there.
However, I’m still unclear why asterisk logs aren’t rotating. Do I need to modify /etc/logrotate.d/asterisk?
Cheers
You need to make sure the log directory ownership is correct. A ‘fwconsole chown’ (IIRC) should take care of that. If it doesn’t, it’s a bug and should be reported through the bug-tracker (Issues link above).
Thank you dicko and Dave for your patience and advice. Permissions was the issue. Added su and user/group to config file and it appears to rotate properly after logrotate -f /etc/logrotate.d/asterisk. This is what happens when you put a chemist in charge of the switch. Cheers!
Disk is running high, peaked in and see a massive 19gb log file.
Here is my logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
dateext
# uncomment this if you want your log files compressed
#compress
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}
# system-specific logs may be also be configured here.'