Task/vki/pxpse 421 add st2auth to st2conflogrotat #2294
Conversation
…PXPSE-421-add-st2auth-to-st2conflogrotat
|
Good catch - no idea how we missed that :) |
| @@ -20,6 +20,23 @@ notifempty | |||
| endscript | |||
| } | |||
|
|
|||
| ## AUTH | |||
| /var/log/st2/st2auth.log { | |||
There was a problem hiding this comment.
Should this be "/var/log/st2/st2auth*.log" since the audit entry added below is identical to this one?
There was a problem hiding this comment.
We only run one instance of st2auth process and don't include PID in the log file name (like in the action runner case) so I believe this is fine.
There was a problem hiding this comment.
I probably should have said use this "/var/log/st2/st2auth*.log" and then eliminate this identical section for audit:
/var/log/st2/st2auth.audit.log {
daily
rotate 5
postrotate
st2ctl reopen-log-files st2auth
endscript
}
There was a problem hiding this comment.
Usually it's better to have two entries one for normal and one for audit file - the reason for that is that users might want to keep audit log files longer than regular log files.
There was a problem hiding this comment.
Should we break out results tracker, notifier, and sensor container into separate entries for audit and non-audit to be consistent? They are currently using *.log. Last question. :-)
There was a problem hiding this comment.
IIRC, only st2api and st2auth really log audit log messages so we should be fine.
…o-st2conflogrotat Task/vki/pxpse 421 add st2auth to st2conflogrotat
|
Merged, thanks. |
andrew-regan
deleted the
task/vki/PXPSE-421-add-st2auth-to-st2conflogrotat
branch
Added st2auth.log and st2auth.audit.log to conf/logrotate.conf