Log rotation

Most log files are rotated daily. The Application parameters containing rotate.max-days can be used to configure the maximum number of log files to keep. Note that because of technical limitations, web server log file rotation may behave differently.

The only exception is the parsable log files (*.parsable.log), which are rotated once they hit a fixed file size.

We recommend moving/copying log files from the server running Airlock IAM as soon as they are rotated. Ideally, the application server running IAM should not be used for long-term log file storage. A cron job running something like the example script below, or UNIX tools such as logrotate, can be used. Another option is to use syslog, Docker/Kubernetes log drivers, or log agents like Fluentd or Splunk to transport logs as they are produced.

Example: Copy Log Files Script

# Move all rotated log files for the instance named "$INSTANCE_NAME" to "$DESTINATION"
find "$IAM_CONFIG_ROOT/instances/$INSTANCE_NAME/logs" -name '*.log.*' -not -name "*.$(date '+%Y-%m-%d')" -exec mv {} "$DESTINATION" \;
# Optionally follow up with compression
gzip -9rv "$DESTINATION"

# The exclusion of the current date works around the different web server log naming scheme (mentioned above) and adds some additional safety in avoiding not-yet-rotated log files.

There are two ways of making sure these log files don't grow indefinitely:

  • Using the built-in log file clean-up parameters. See: Logging configuration
  • Having an external process (e.g. a cron job) move these log files regularly.

Log4j does not support log rotation for symlink paths (log files cannot be deleted in this case). Instead of using symlinks, set the direct storage path, e.g.: iam.log.structured-file.dir = /var/log/iam.
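
The cron job described above and the symlink limitation can be handled in one script. The following is an added example, not Airlock's own script: the function names are hypothetical and both arguments are assumed to be absolute directory paths. It never overwrites a file that is already in the archive, and it warns when the log directory is reached through a symlink.

```shell
#!/bin/sh
# Added example, not Airlock's own script. Function names are hypothetical;
# both arguments are expected to be absolute directory paths.

# Succeeds only if the directory is reached without traversing a symlink,
# i.e. its logical path equals its physical path.
is_direct_path() {
    [ -d "$1" ] || return 1
    logical=$(cd -L "$1" && pwd -L) || return 1
    physical=$(cd -P "$1" && pwd -P) || return 1
    [ "$logical" = "$physical" ]
}

# Move rotated logs (*.log.*) from $1 to $2 and compress each one.
# Files stamped with today's date stay put, and a file already present in
# the archive is never overwritten. Prints the number of files archived.
archive_rotated_logs() {
    log_dir=$1
    dest=$2
    today=$(date '+%Y-%m-%d')
    # The page notes that log files under a symlinked path cannot be deleted
    # by Log4j, so this job would be the only thing bounding disk usage:
    # surface that on stderr (and therefore in the cron mail).
    is_direct_path "$log_dir" ||
        echo "warning: $log_dir is missing or reached via a symlink" >&2
    find "$log_dir" -type f -name '*.log.*' ! -name "*.$today" | {
        moved=0
        while IFS= read -r f; do
            target=$dest/$(basename "$f")
            if [ -e "$target" ] || [ -e "$target.gz" ]; then
                echo "skipped, already archived: $f" >&2
                continue
            fi
            mv -- "$f" "$target" && gzip -9 -- "$target" &&
                moved=$((moved + 1))
        done
        echo "$moved"
    }
}
```

Skipped files stay in the log directory and are reported on stderr, so a name collision shows up in the cron output instead of silently replacing archived data.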