Date:      Sun, 4 Nov 2001 00:05:20 -0600 (CST)
From:      Ryan Thompson <ryan@sasknow.com>
To:        brain_damaged <brain_damaged@florida-wireless.com>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: httpd log files big 
Message-ID:  <Pine.BSF.4.21.0111032357121.66878-100000@ren.sasknow.com>
In-Reply-To: <200111040049.AA3553034428@florida-wireless.com>

brain_damaged wrote to freebsd-questions@FreeBSD.ORG:

> Hello
> I noticed that my / was full.
> I could not understand why and noticed that under
> /var/log that my httpd-access and httpd-error logs are over 8 megs big.

We go through that in an afternoon on some sites we host. ;-)


> I am running apache 3.1.9

Unlikely.. Maybe you mean 1.3.9? :-)


> I am not sure where to set up a log rotation for it so that they don't
> get that big. How do I do that, or can I?

Yes, apache includes a program called "logrotate" that does this very
nicely, so you don't have to kill the server. It's pretty simple to
implement... man 8 logrotate.

> And does anyone have a Perl script or program to read the httpd logs
> and pull out failed access or something to auto notify of virus
> attacks or such?

Sure... It's pretty trivial to write a shell script with grep/awk etc to
pull out the bits you want. You can fine tune a Perl script a bit more.
Maybe if you post some specific requirements one of us can help you write
something.

General (untested) approach using grep:

#!/bin/sh
# Print the log file named in $1, dropping lines that match known probes.
grep -v cmd.exe "$1" |
  grep -v root.exe |
  grep -v something_else_you_want_to_filter



> Thanks
> Bd
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 

-- 
  Ryan Thompson <ryan@sasknow.com>
  Network Administrator, Accounts

  SaskNow Technologies - http://www.sasknow.com
  #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2

        Tel: 306-664-3600   Fax: 306-664-1161   Saskatoon
  Toll-Free: 877-727-5669     (877-SASKNOW)     North America
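
Added example, not part of the message above and not Apache's own tooling: a /bin/sh script that does the reverse of the grep -v pipeline, keeping only requests for cmd.exe or root.exe and counting them per client. The Common Log Format input, the function names and the sample log lines are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: report requests for cmd.exe / root.exe per client.
# Assumes Apache Common Log Format; patterns are the two named in the thread.
PROBE_RE='(cmd|root)[.]exe'

# probe_summary [FILE...]  (reads stdin when no file is given)
# Prints "hits client served=N", busiest client first. "served" counts probe
# requests that did not get a 4xx/5xx status and deserve a closer look.
probe_summary() {
    awk -v re="$PROBE_RE" '
        {
            if (split($0, q, "\"") < 3) next      # no quoted request line
            if (tolower(q[2]) !~ re) next         # q[2] = METHOD URL PROTO
            split(q[3], rest, " ")                # rest[1] = status code
            hits[$1]++
            if (rest[1] !~ /^[45]/) served[$1]++
        }
        END {
            for (h in hits)
                printf "%d %s served=%d\n", hits[h], h, served[h] + 0
        }
    ' "$@" | sort -k1,1nr -k2,2
}

# Constructed sample log lines (documentation address ranges).
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [04/Nov/2001:00:01:02 -0600] "GET /scripts/root.exe HTTP/1.0" 404 276
192.0.2.10 - - [04/Nov/2001:00:01:03 -0600] "GET /MSADC/root.exe HTTP/1.0" 404 274
192.0.2.10 - - [04/Nov/2001:00:01:04 -0600] "GET /scripts/CMD.EXE HTTP/1.0" 404 278
198.51.100.7 - - [04/Nov/2001:00:02:00 -0600] "GET /index.html HTTP/1.0" 200 1532
203.0.113.5 - - [04/Nov/2001:00:03:10 -0600] "GET /scripts/cmd.exe HTTP/1.0" 404 278
203.0.113.5 - - [04/Nov/2001:00:03:11 -0600] "GET /cgi-bin/cmd.exe HTTP/1.0" 200 512
198.51.100.7 - - [04/Nov/2001:00:04:00 -0600] "GET /missing.html HTTP/1.0" 404 210
EOF
}

# With arguments, scan the named log files; otherwise run on the sample.
if [ "$#" -gt 0 ]; then
    probe_summary "$@"
else
    sample_log | probe_summary
fi
```

From cron, pass the access log as the argument and pipe any output to mail(1) to get the notification asked about above.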

