Log files such as those found in /var/log tend to grow endlessly,
so it’s a good idea to rotate them once in a while—i.e., archive
their contents in separate files, possibly compressed. The
services admin) module provides an interface to GNU Rot[t]log, a
log rotation tool (see GNU Rot[t]log Manual).
This service is part of
%base-services, and thus enabled by
default, with the default settings, for commonly encountered log files.
The example below shows how to extend it with an additional
rotation, should you need to do that (usually, services that
produce log files already take care of that):
(use-modules (guix) (gnu)) (use-service-modules admin) (define my-log-files ;; Log files that I want to rotate. '("/var/log/something.log" "/var/log/another.log")) (operating-system ;; … (services (cons (simple-service 'rotate-my-stuff rottlog-service-type (list (log-rotation (frequency 'daily) (files my-log-files)))) %base-services)))
This is the type of the Rottlog service, whose value is a
Other services can extend this one with new
(see below), thereby augmenting the set of files to be rotated.
This service type can define mcron jobs (see Scheduled Job Execution) to run the rottlog service.
Data type representing the configuration of rottlog.
The Rottlog package to use.
(file-append rottlog "/etc/rc"))
The Rottlog configuration file to use (see Mandatory RC Variables in GNU Rot[t]log Manual).
A list of
log-rotation objects as defined below.
This is a list of gexps where each gexp corresponds to an mcron job specification (see Scheduled Job Execution).
Data type representing the rotation of a group of log files.
Taking an example from the Rottlog manual (see Period Related File Examples in GNU Rot[t]log Manual), a log rotation might be defined like this:
(log-rotation (frequency 'daily) (files '("/var/log/apache/*")) (options '("storedir apache-archives" "rotate 6" "notifempty" "nocompress")))
The list of fields is as follows:
The log rotation frequency, a symbol.
The list of files or file glob patterns to rotate.
The list of rottlog options for this rotation (see Configuration parameters in GNU Rot[t]lg Manual).
#f or a gexp to execute once the rotation has completed.
Specifies weekly rotation of
%rotated-files and of
The list of syslog-controlled files to be rotated. By default it is:
'("/var/log/messages" "/var/log/secure" "/var/log/debug" \
Some log files just need to be deleted periodically once they are old,
without any other criterion and without any archival step. This is the
case of build logs stored by
/var/log/guix/drvs (see Invoking guix-daemon). The
log-cleanup service addresses this use case. For example,
%base-services (see Base Services) includes the following:
;; Periodically delete old build logs. (service log-cleanup-service-type (log-cleanup-configuration (directory "/var/log/guix/drvs")))
That ensures build logs do not accumulate endlessly.
This is the type of the service to delete old logs. Its value must be a
log-cleanup-configuration record as described below.
Data type representing the log cleanup configuration
Name of the directory containing log files.
(* 6 30 24 3600))
Age in seconds after which a file is subject to deletion (six months by default).
"30 12 01,08,15,22 * *")
String or gexp denoting the corresponding mcron job schedule (see Scheduled Job Execution).
Anonip is a privacy filter that removes IP address from web server logs. This service creates a FIFO and filters any written lines with anonip before writing the filtered log to a target file.
The following example sets up the FIFO /var/run/anonip/https.access.log and writes the filtered log file /var/log/anonip/https.access.log.
(service anonip-service-type (anonip-configuration (input "/var/run/anonip/https.access.log") (output "/var/log/anonip/https.access.log")))
Configure your web server to write its logs to the FIFO at /var/run/anonip/https.access.log and collect the anonymized log file at /var/web-logs/https.access.log.
This data type represents the configuration of anonip. It has the following parameters:
The anonip package to use.
The file name of the input log file to process. The service creates a FIFO of this name. The web server should write its logs to this FIFO.
The file name of the processed log file.
The following optional settings may be provided:
#true do not mask addresses in private ranges.
A 1-based indexed column number. Assume IP address is in the specified column (default is 1).
Replacement string in case address parsing fails, e.g.
Number of bits to mask in IPv4 addresses.
Number of bits to mask in IPv6 addresses.
Increment the IP address by the given number. By default this is zero.
Log delimiter string.
Regular expression for detecting IP addresses. Use this instead of