=======Gestion des logs=======

=====Services=====

===VPN===

Dans /etc/openvpn/common.conf, la configuration indique que le niveau de verbosité de nos logs est actuellement de 4 :
<code>
; Logs
verb 4
</code>

Doc de la page de man openvpn sur l'option ''verb'' :
<code>
       --verb n
              Set  output  verbosity  to n (default=1).  Each level shows all info from the previous levels.  Level 3 is recommended if you want a
              good summary of what's happening without being swamped by output.

              0 -- No output except fatal errors.
              1 to 4 -- Normal usage range.
              5 -- Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is
              used for TUN/TAP packets.
              6 to 11 -- Debug info range (see errlevel.h for additional information on debug levels).
</code>

**Proposition** : mettre le niveau de verbosité à 3 suite aux informations de la page de man.

Ensuite pour ne conserver que deux semaines de logs, cela se gère avec logrotate. Le fichier de conf est ''/etc/logrotate.conf''.
Cf : voir la documentation syslog-ng sur la configuration de la rotation des logs : https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/example-logrotate.html 

Éléments importants du fichier de configuration actuelle :
<code>
# rotate log files weekly
weekly

# keep 4 weeks worth of backlogs
rotate 4

# create new (empty) log files after rotating old ones
create
</code>

**Proposition** : configurer pour conserver 2 semaines et recréer les fichiers à chaque fois pour tous les logs
<code>
# see "man logrotate" for details
# rotate log files weekly
weekly

# keep 2 weeks worth of backlogs
rotate 2

# create new (empty) log files after rotating old ones
create

# uncomment this if you want your log files compressed
#compress

# packages drop log rotation information into this directory
include /etc/logrotate.d

# no packages own wtmp, or btmp -- we'll rotate them here
/var/log/wtmp {
    missingok
    monthly
    create 0664 root utmp
    rotate 1
}

/var/log/btmp {
    missingok
    monthly
    create 0660 root utmp
    rotate 1
}

# system-specific logs may be configured here
</code>

**ou** : configurer uniquement la rotation toutes les deux semaines pour les logs dans daemon.log 

<code>
# see "man logrotate" for details
# rotate log files weekly
weekly

# keep 4 weeks worth of backlogs
rotate 4

# create new (empty) log files after rotating old ones
create

# uncomment this if you want your log files compressed
#compress

# packages drop log rotation information into this directory
include /etc/logrotate.d

# no packages own wtmp, or btmp -- we'll rotate them here
/var/log/wtmp {
    missingok
    monthly
    create 0664 root utmp
    rotate 1
}

/var/log/btmp {
    missingok
    monthly
    create 0660 root utmp
    rotate 1
}

# system-specific logs may be configured here
/var/log/daemon.log {
           #Rotation des logs toutes les deux semaines
           rotate 2
           weekly
           postrotate
               #Fermeture de tous les fichiers syslog
               /usr/bin/killall -HUP syslogd
           endscript
       }

</code>
=====Ressources (peut être utiles)=====

https://linuxconfig.org/logrotate

https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/example-logrotate.html

http://www.wpollock.com/AUnix2/Logging.htm