Articles in this section

Is it possible to modify rotation settings for maillog on Plesk server?

Samuel Figueredo
Updated
kb: how-to Plesk for Linux ABT: Group A

Applicable to:

  • Plesk for Linux

Question

Is it possible to change rotation settings for /var/log/maillog?

Answer

It is not possible to manage rotation settings for /var/log/maillog. By design, /var/log/maillog is rotated every day during Plesk Daily Maintenance task.

As an alternative, /var/log/maillog.proccessed rotation settings may be changed instead. After Daily Maintenance Task is executed, all log data is moved from /var/log/maillogto /var/log/maillog.proccessed.

To modify /var/log/maillog.proccessed rotation settings, perform the following steps:

  1. Log in to the server via SSH.

  2. Edit the settings in the /usr/local/psa/etc/logrotate.conf file:

    CONFIG_TEXT: /var/log/maillog.processed {

    weekly
    missingok
    rotate 3
    compress
    nocreate
    }

Note: Use one of the following words to set the rotation frequency: hourly, daily, weekly, monthly, yearly.

Was this article helpful?

Comments

1 comment
Date Votes
  • Avatar
    Ehud Ziegelman

    Hi Leonid Gukhman,

     

    I have noticed lots of attacks on server take place on 06:29 AM, a minute before DAILY common log rotate takes place.

    This way, an admin might not even see the attack scanning logs with its eyes.

    The only record would be for example on Fail2Ban logs, and alert emails from such a time.

    Please suggest a way to manually change the DAILY log-rotate time (hour) configuration, to be set manually on a server level.

     

    May I also ask, where would LOG records of server being accessed on 06:29 AM disappear, as searching for the blocked by fail2ban IPs, brought NO results but the fail2ban log itself...

     

    grep -r "999.888.199.113 " /var/log/*
    /var/log/fail2ban.log:2023-05-15 10:13:26,417 fail2ban.filter         [2765544]: INFO    [httpd_forbidden] Found 999.888.199.113 - 2023-05-15 10:13:26
    /var/log/fail2ban.log:2023-05-16 06:29:17,726 fail2ban.filter         [2765544]: INFO    [httpd_forbidden] Found 999.888.199.113 - 2023-05-16 06:29:17
    grep: /var/log/journal/56725fa7bace4538bba1ee9f38ad68a2/system.journal: binary file matches
    grep: /var/log/journal/56725fa7bace4538bba1ee9f38ad68a2/system@5d3e8c5ae81f4feb84a137838eaebec4-00000000003e79ce-0005fbb234011ca5.journal: binary file matches
    grep: /var/log/journal/56725fa7bace4538bba1ee9f38ad68a2/system@5d3e8c5ae81f4feb84a137838eaebec4-00000000003f4c52-0005fbbd3c8edf0e.journal: binary file matches


    grep -r "999.888.199.113 " /var/www/vhosts/*

    NONE

     

    While on Fail2ban log:

    2023-05-16 06:29:17,726 fail2ban.filter [2765544]: INFO [jail_name] Found 999.888.199.113 - 2023-05-16 06:29:17
    2023-05-16 06:29:18,639 fail2ban.actions [2765544]: NOTICE [jail_name] Ban 999.888.199.113
    0

Please sign in to leave a comment.