Protect Error Logs for the Sun Java System Directory Server
The LDIF script that this procedure creates sets up the following rules for the error logs:
-
Rotate logs weekly.
-
Keep a maximum of 30 log files, and each file is at most 500 MBytes.
-
Expire log files that are older than 3 months.
-
Delete oldest logs if less than 500 MBytes free disk space is available.
-
All log files use a maximum of 20,000 MBytes of disk space.
-
Create a script to manage error logs.
Create a /var/tmp/logs-error.ldif file with the following content:
dn: cn=config changetype: modify replace: nsslapd-errorlog-logging-enabled nsslapd-errorlog-logging-enabled: on - replace: nsslapd-errorlog-logexpirationtime nsslapd-errorlog-logexpirationtime: 3 - replace: nsslapd-errorlog-logexpirationtimeunit nsslapd-errorlog-logexpirationtimeunit: month - replace: nsslapd-errorlog-logrotationtime nsslapd-errorlog-logrotationtime: 1 - replace: nsslapd-errorlog-logrotationtimeunit nsslapd-errorlog-logrotationtimeunit: week - replace: nsslapd-errorlog-maxlogsize nsslapd-errorlog-maxlogsize: 500 - replace: nsslapd-errorlog-maxlogsperdir nsslapd-errorlog-maxlogsperdir: 30 - replace: nsslapd-errorlog-logmaxdiskspace nsslapd-errorlog-logmaxdiskspace: 20000 - replace: nsslapd-errorlog-logminfreediskspace nsslapd-errorlog-logminfreediskspace: 500
-
Run the script.
# ldapmodify -h localhost -D 'cn=directory manager' -f /var/tmp/logs-error.ldif
-
Answer the prompts.
Enter bind password: Type the appropriate password modifying entry cn=config
- © 2010, Oracle Corporation and/or its affiliates