Log rotation

Most log files are rotated daily. The Application parameters containing "rotate.max-days" can be used to configure the maximum number of log files to keep. (Because of technical limitations, web server log file rotation may behave differently.)

The only exception are the "parsable" log files (*.parsable.log) which are rotated once they hit a fixed file size.

We recommend moving/copying log files from the server running IAM as soon as they are rotated. Ideally the application server running IAM, should not be used for long-term log file storage. A cron job with something like the example script below or unix tools such as "logrotate" can be used. Another option is using syslog, Docker/Kubernetes log drivers, and log agents like Fluentd, Splunk to transport logs as they are produced.

Example: Copy Log Files Script

# Copy all rotated log files for instance named "$INSTANCE_NAME" to "$DESTINATION"
find "$IAM_CONFIG_ROOT/instances/$INSTANCE_NAME/logs" -name '*.log.*' -not -name "*.$(date '+%Y-%m-%d')" -exec mv {} "$DESTINATION" \;
# Optionally follow up with compression
gzip -9rv "$DESTINATION"

# The exclusion of the current date works around the different web server log naming scheme (mentioned above) and adds some additional safety in avoiding not-yet-rotated log files.

There are two ways of making sure these log files don't grow indefinitely:

  • Using the build-in log file clean-up parameters. See: Logging configuration
  • An external process moves these log files regularly. (e.g. a cron job)