On CentOS 8, the default logrotate interval is 1 week, and this also applies to the security log at
/var/log/secure. The logrotate configuration for the security log can be found in
/etc/logrotate.d/syslog and looks as follows
Code: Select all
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
missingok
sharedscripts
postrotate
/usr/bin/systemctl kill -s HUP rsyslog.service >/dev/null 2>&1 || true
endscript
}
How can I change the logrotate interval for the security log from 1 week to 1 month? I assume I have to remove the line
/var/log/secure from the syslog file and create a new configuration file named e.g.
seclog in
/etc/logrotate.d with the following content:
Code: Select all
/var/log/secure
{
monthly
missingok
sharedscripts
postrotate
/usr/bin/systemctl kill -s HUP rsyslog.service >/dev/null 2>&1 || true
endscript
}
Is there a way to test whether this configuration works correctly? Another question: How can I restart logrotate so that the new configuration becomes active?
Thanks in advance!
Pernilla