Log management
Services
VPN
In /etc/openvpn/common.conf, the configuration shows that the verbosity level of our logs is currently 4:
; Logs
verb 4
From the openvpn man page, on the verb option:
--verb n
Set output verbosity to n (default=1). Each level shows all info from the previous levels. Level 3 is recommended if you want a
good summary of what's happening without being swamped by output.
0 -- No output except fatal errors.
1 to 4 -- Normal usage range.
5 -- Output R and W characters to the console for each packet read and write, uppercase is used for TCP/UDP packets and lowercase is
used for TUN/TAP packets.
6 to 11 -- Debug info range (see errlevel.h for additional information on debug levels).
Proposal: set the verbosity level to 3, following the information in the man page.
Next, keeping only two weeks of logs is handled with logrotate. Its configuration file is /etc/logrotate.conf.
See the syslog-ng documentation on configuring log rotation: https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/example-logrotate.html
Important elements of the current configuration file:
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
Proposal: configure it to keep 2 weeks and recreate the files each time, for all logs:
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 2 weeks worth of backlogs
rotate 2
# create new (empty) log files after rotating old ones
create
# uncomment this if you want your log files compressed
#compress
# packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp, or btmp -- we'll rotate them here
/var/log/wtmp {
missingok
monthly
create 0664 root utmp
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0660 root utmp
rotate 1
}
# system-specific logs may be configured here
Or: configure the two-week rotation only for the logs in daemon.log:
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# uncomment this if you want your log files compressed
#compress
# packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp, or btmp -- we'll rotate them here
/var/log/wtmp {
missingok
monthly
create 0664 root utmp
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0660 root utmp
rotate 1
}
# system-specific logs may be configured here
/var/log/daemon.log {
# Rotate weekly and keep 2 rotated files (two weeks of logs)
rotate 2
weekly
postrotate
# Have syslogd close and reopen all its log files
/usr/bin/killall -HUP syslogd
endscript
}
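To check what a proposed logrotate configuration actually retains, the following added example (not part of the original page) computes, for each log file, how many days of rotated logs are kept from the frequency and rotate directives, including inheritance of the global settings. Assumptions: include directives are not followed, a month counts as 30 days, and daily / rotate 0 apply when a directive is absent; retention_days and SAMPLE are names introduced here.

```python
import re

# Approximate days per rotation period (assumption: 30-day months).
PERIOD_DAYS = {"daily": 1, "weekly": 7, "monthly": 30, "yearly": 365}
# Directives that open a shell script body closed by "endscript".
SCRIPTS = {"prerotate", "postrotate", "firstaction", "lastaction", "preremove"}

def retention_days(conf_text):
    """Return {log path: days of rotated logs kept}; '*' is the global default."""
    glob = {"period": "daily", "rotate": 0}   # assumed when a directive is absent
    result, current, paths, in_script = {}, glob, [], False
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()    # drop comments
        if in_script:                          # skip script lines up to endscript
            in_script = line != "endscript"
            continue
        if line.endswith("{"):                 # per-file block starts
            paths = line[:-1].split()
            current = dict(glob)               # block inherits global settings
        elif line == "}":                      # block ends: record its retention
            for p in paths:
                result[p] = PERIOD_DAYS[current["period"]] * current["rotate"]
            current, paths = glob, []
        elif line in SCRIPTS:
            in_script = True
        elif line in PERIOD_DAYS:
            current["period"] = line
        elif re.fullmatch(r"rotate\s+\d+", line):
            current["rotate"] = int(line.split()[1])
    result["*"] = PERIOD_DAYS[glob["period"]] * glob["rotate"]
    return result

# Constructed sample: the daemon.log variant proposed above, abridged.
SAMPLE = """\
weekly
rotate 4
/var/log/wtmp {
    missingok
    monthly
    rotate 1
}
/var/log/daemon.log {
    rotate 2
    weekly
    postrotate
        /usr/bin/killall -HUP syslogd
    endscript
}
"""
print(retention_days(SAMPLE))
```

With this variant only daemon.log drops to two weeks; every other log that relies on the global settings still keeps four.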
