Protect Error Logs for the Sun Java System Directory Server

Protect Error Logs for the Sun Java System Directory Server

The LDIF script that this procedure creates sets up the following rules for the error logs:

• Rotate logs weekly.
• Keep a maximum of 30 log files, and each file is at most 500 MBytes.
• Expire log files that are older than 3 months.
• Delete oldest logs if less than 500 MBytes free disk space is available.
• All log files use a maximum of 20,000 MBytes of disk space.

1. Create a script to manage error logs.

Create a /var/tmp/logs-error.ldif file with the following content:

dn: cn=config

changetype: modify

replace: nsslapd-errorlog-logging-enabled

nsslapd-errorlog-logging-enabled: on

-

replace: nsslapd-errorlog-logexpirationtime

nsslapd-errorlog-logexpirationtime: 3

-

replace: nsslapd-errorlog-logexpirationtimeunit

nsslapd-errorlog-logexpirationtimeunit: month

-

replace: nsslapd-errorlog-logrotationtime

nsslapd-errorlog-logrotationtime: 1

-

replace: nsslapd-errorlog-logrotationtimeunit

nsslapd-errorlog-logrotationtimeunit: week

-

replace: nsslapd-errorlog-maxlogsize

nsslapd-errorlog-maxlogsize: 500

-

replace: nsslapd-errorlog-maxlogsperdir

nsslapd-errorlog-maxlogsperdir: 30

-

replace: nsslapd-errorlog-logmaxdiskspace

nsslapd-errorlog-logmaxdiskspace: 20000

-

replace: nsslapd-errorlog-logminfreediskspace

nsslapd-errorlog-logminfreediskspace: 500

2. Run the script.

# ldapmodify -h localhost -D 'cn=directory manager' -f /var/tmp/logs-error.ldif

3. Answer the prompts.

4.           Enter bind password: Type the appropriate password

modifying entry cn=config