anacron daily error logrotate

leonep

leonep

Well-Known Member
Nov 18, 2014
230
18
68
Pescara
cPanel Access Level
Root Administrator
hi ,
1 of my boxes sometime shows error on cron daily
i have no idea what is

/etc/cron.daily/logrotate:

error: modsecurity_logs:1 duplicate log entry for /usr/local/apache/logs/modsec_audit.log
error: found error in file modsecurity_logs, skipping

you think this need more investigation?
 
Last edited:
andrew.n

andrew.n

Well-Known Member
Jun 9, 2020
951
352
63
EU
cPanel Access Level
Root Administrator
What is the first line in the file of /usr/local/apache/logs/modsec_audit.log?
 
andrew.n

andrew.n

Well-Known Member
Jun 9, 2020
951
352
63
EU
cPanel Access Level
Root Administrator
my bad sorry...what is the content of "modsecurity_logs" file?
 
leonep

leonep

Well-Known Member
Nov 18, 2014
230
18
68
Pescara
cPanel Access Level
Root Administrator
thanks for help . here is it

/usr/local/apache/logs/modsec_audit.log {
rotate 15
size=300M
missingok
compress
postrotate
/usr/local/cpanel/scripts/restartsrv_httpd &> /dev/null || true
/usr/local/cpanel/scripts/restartsrv_tailwatchd &> /dev/null || true
endscript
}
 
andrew.n

andrew.n

Well-Known Member
Jun 9, 2020
951
352
63
EU
cPanel Access Level
Root Administrator
Can you remove "/usr/local/apache/logs/modsec_audit.log" from that file and leave only this?

{
rotate 15
size=300M
missingok
compress
postrotate
/usr/local/cpanel/scripts/restartsrv_httpd &> /dev/null || true
/usr/local/cpanel/scripts/restartsrv_tailwatchd &> /dev/null || true
endscript
}
 
leonep

leonep

Well-Known Member
Nov 18, 2014
230
18
68
Pescara
cPanel Access Level
Root Administrator
the solution is very simple (thanks to cpanel support :) )
i append here , i hope it help someone:

The error is reporting that two different configurations are trying to rotate the same file:
[12:58:20 gemini [email protected] /etc/logrotate.d]cPs# grep '/usr/local/apache/logs/modsec_audit.log' *
httpd:/usr/local/apache/logs/modsec_audit.log
modsecurity_logs:/usr/local/apache/logs/modsec_audit.log {
Shown above, both the httpd and modsecurity_logs configurations are attempting to rotate this log, however, the second attempt is being skipped.

If you'd like to remove this warning, you can remove the second check:
mv /etc/logrotate.d/modsecurity_logs /root/modsecurity_logs.logrotate.bak

thanks
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
D Ambiguous email notification daily. Operating Systems 4
M Daily Process log vs. /usr/local/cpanel/bin/dcpumonview Operating Systems 7
H /etc/cron.daily/logrotate: minidaemn: unrecognized service Operating Systems 2
M SOLVED Anacron job 'cron.daily' on error Operating Systems 2
postcd SOLVED Anacron job 'cron.daily' on host.name.tld Operating Systems 2
Similar threads
Ambiguous email notification daily.
Daily Process log vs. /usr/local/cpanel/bin/dcpumonview
/etc/cron.daily/logrotate: minidaemn: unrecognized service
SOLVED Anacron job 'cron.daily' on error
SOLVED Anacron job 'cron.daily' on host.name.tld
Top Bottom