Hello,
I have installed hdd and would like to use it for storing /var/log folder. I created symlink log -> /mnt/sda1/log but after reboot its cleaned again. Any hints?
1 Like
if you want just to store the messages log on the hdd then the easiest way is not modify the /etc/syslog-ng.conf file by adding a new destination and adjusting the log section.
Example:
destination messages {
file("/var/log/messages" template(t_file_logger) suppress(5) log_fifo_size(256));
};
destination d_messages {
file("/srv/omnia-logs/messages/$YEAR/$MONTH/messages-$YEAR$MONTH$DAY.log" create_dirs(yes) template(t_file_logger) suppress(5) log_fifo_size(256));
};
log {
source(sinter);
source(dgram);
source(kernel);
filter(f_turris_iptables);
destination(messages);
destination(d_messages);
};
Of course you create create your own filters and another destinations and store e.g. just more interesting messages. Another example which stores warning to errors levels:
filter f_errors {
level(warning..emerg);
};
destination d_errors {
file("/srv/omnia-logs/errors/$YEAR/$MONTH/errors-$YEAR$MONTH$DAY.log" create_dirs(yes) template(t_file_logger) suppress(5) log_fifo_size(256));
};
log {
source(sinter);
source(dgram);
source(kernel);
filter(f_errors);
destination(d_errors);
};
I would recommend to check the syslog-ng guide - e.g. https://my.balabit.com/downloads/archived_documents/syslog-ng-3.0-guides/syslog-ng-admin-guide-9ed-en.pdf
1 Like
Trying to move system logs from RAM (i.e. /var/log/) to USB I encounterd some
troubles:
- LuCI failed to display logs
- logrotate didn’t rotate system logs (messages)
I got following hints from TO team:
V OpenWRT jsou dve moznosti mountovani disku - jeden je pres automount ktery se
deje kdykoliv pripojite libovolnou flashku a druhy je pro pevne nastavena
zarizeni. Kdyz pujdete do LuCI a v zalozce pripojne body flashce nastavite
pevnou cestu (Pripojne body -> Pridat), tak tohle pripojovani se odehrava jeste
pred spustenim syslogu a tudiz by melo fungovat.
(rough translation):
There are two possibilities to mount discs in OpenWRT - one is automount, which
takes place whenever you connect flash disc, second is for devices connected
permanently. You have to use LuCI, then in System menu you select Mount Points
and set fixed mount point (Mount Points -> Add). This mounting takes place
before logging starts, thus it should work.
LuCI cte natvrdo soubor /var/log/messages, takze nastavit to nelze, ale muzete
si vyrobit symlink /var/log/messages ukazujici na opravdovy log (napriklad v
/etc/rc.local aby se udelal po startu na tmpfs ktery je ve var), ale
doporucovat bych zkontrolvat i nastaveni logrotate, aby vam ten symlink potom
nerozbil.
(rough translation):
LuCI is fixed to read /var/log/messages, thus there is no way to change it,
but you can make symlink /var/log/messages pointing to real log file (e.g. in
/etc/rc.local to be done after start on tmpfs which is in the var), but I
would recomend to check setting of logrotate as well, to keep symlink intact.
As to logrotate, you can add new location of logs to old one in
/etc/logrotate.conf, e.g.
…
/var/log/messages “new_log_location” {
…
}
But, unfortunately, sometimes logrotate rotates link instead of log file
itself, thus safe way is to change /var/log/messages to new_log_location,
e.g. instead of above example set it to new_log_location only
…
“new_log_location” {
…
}
Summary:
- change log files placement in /etc/syslog-ng.conf
- set mount point for USB in LuCI
- create symlink for /var/log/ on USB in /etc/rc.local
- change location of logs /var/log/messages to new location of messages
on USB in /etc/logrotate.conf
2 Likes