§2024-05-15
¶How To tail and log
We have log file in /opt/package/mongoDB/log/mongod.log. We will tail entries of 'Slow|error' and put into a file as mongoDB-Slow-error.log and put under the control of log utility
- redisMongo01.yushei.com.tw 192.168.2.153
- redisMongo02.yushei.com.tw 192.168.2.232
- redisMongo03.yushei.com.tw 192.168.2.250
- redisMongo04.yushei.com.tw 192.168.2.231
- redisMongo??.yushei.com.tw 192.168.2.235
- ys20220317, siteRootAdmin, b23258585
- add user
alexlai
% ssh ysadmin@redisMongo02.yushei.com.tw
$ sudo useradd -m -G wheel(sudo) -u 1026 alexlai
- nano
~scripts/tail_mongod_log.shandchmod a+x ~scripts/tail_mongo_log.sh
#!/bin/bash
LOG_FILE="/opt/package/mongoDB/log/mongod.log"
OUTPUT_FILE="/var/log/mongoDB-Slow-error.log"
# Tail the log file for entries containing "error" or "Slow" and redirect them to the output file
tail -f $LOG_FILE | grep -E 'error|Slow' > $OUTPUT_FILE
- Create a configuration file, for example, /etc/logrotate.d/mongodb
/var/log/mongoDB-Slow-error.log {
daily
rotate 7
compress
missingok
notifempty
create 0644 mongodb mongodb
su root root
}
if you modify the above file
logrotate -f /etc/logrotate.d/mongodbto make it effective
# logrotate -f /etc/logrotate.d/mongodb
error: skipping "/var/log/mongoDB-Slow-error.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
The error message indicates that the parent directory of the log file /var/log/mongoDB-Slow-error.log has insecure permissions. This means that the directory is either world-writable or writable by a group other than root.
To resolve this issue, you should adjust the permissions of the parent directory so that it's not world-writable and is owned by root or a more secure user/group. Additionally, you can use the su directive in the logrotate configuration file to specify which user/group logrotate should use for the rotation process.
Here's how you can fix it:
Adjust Directory Permissions:
Set more restrictive permissions for the parent directory of /var/log/mongoDB-Slow-error.log. For example, you can use the following commands:
bash
sudo chmod 755 /var/log
sudo chown root:root /var/log
Update Logrotate Configuration:
Add the su directive to the logrotate configuration file /etc/logrotate.d/mongodb to specify the user and group for log rotation. For example:
bash
/var/log/mongoDB-Slow-error.log {
daily
rotate 7
compress
missingok
notifempty
create 0644 mongodb mongodb
su root root
}
The su root root line specifies that logrotate should run with root user and root group permissions when performing log rotation.
After making these changes, you can try running the logrotate command again to force rotation:
bash
logrotate -f /etc/logrotate.d/mongodb
This should rotate the log file without encountering the insecure permissions error.
- Set up the Cron Job: Finally, set up a cron job to run the script at your desired interval.
Open the crontab editor by running crontab -e and add the following line to run the script every hour:
# rotate at midnight 00:00
0 0 * * * /home/alexlai/scripts/tail_mongod_log.sh >> /var/log/mongodb_tail.log 2>&1
grotate configuration file specifies how logrotate should manage the log file located at /var/log/mongoDB-Slow-error.log. Let's break down each directive:
daily:
This directive tells logrotate to rotate the log file daily. This means that a new log file will be created every day, and the old log files will be rotated according to the rotation settings.
rotate 7:
This directive instructs logrotate to keep up to 7 rotated log files.
When logrotate rotates the log file, it renames the current log file to include a number (e.g., mongoDB-Slow-error.log.1), and increments the numbers for older log files. Once there are 7 rotated log files present, logrotate will remove the oldest one when a new log file is created.
compress:
This directive enables compression for the rotated log files.
When logrotate rotates the log file, it compresses the rotated file using gzip by default. This helps save disk space by compressing older log files.
missingok:
This directive tells logrotate not to produce an error if the log file is missing.
If the log file specified in the configuration is not present, logrotate will continue with the rotation process without generating an error.
notifempty:
This directive instructs logrotate not to rotate the log file if it is empty.
If the log file is empty when logrotate runs, it will not rotate the log file and will leave it as is.
create 0644 mongodb mongodb:
This directive tells logrotate to create a new log file with the specified permissions and ownership if the log file does not exist.
0644 specifies the permissions for the newly created log file. In this case, it's set to 0644, which means read/write for the owner and read for others.
mongodb mongodb specifies the user and group ownership for the new log file. Both the user and group are set to mongodb.
su root root:
This directive specifies the user and group that logrotate should use when performing log rotation.
In this case, logrotate will run with root user and root group permissions when rotating the log file.
Overall, this logrotate configuration file ensures that the log file /var/log/mongoDB-Slow-error.log is rotated daily, compressed, and managed according to the specified permissions and ownership. It also sets up error handling to prevent issues if the log file is missing or empty.